Nobody puts data in a corner? Why a new approach to categorising personal data is required for the obligation to inform

Transparency is a key principle of EU data protection law and the obligation to inform is key to ensuring transparency. The purpose of this obligation is to provide data subjects with information that allows them to assess the compliance and trustworthiness of the data controller. Despite the benefits of categorising personal data for this purpose, a coherent and consistent approach to doing so under the obligation to inform has not emerged. It is unclear what a ‘category’ of personal data is and when this information must be provided. This results in reduced transparency for data subjects and uncertainty for data controllers regarding their legal obligations, defeating the purpose of this obligation. This article highlights these issues and calls for clarification on them. It also posits that in clarifying the law, a new approach to categorising personal data is required, to achieve the benefits of categorisation and increase the transparency of personal data processing for data subjects