The EU’s normative power in the digital age: the GDPR as a case study of extraterritorial reach

The thesis investigates the normative power of the European Union in the digital sector at the international level, focusing particularly on the GDPR. The study aims to assess the scope of EU’s normative power. To achieve this, the thesis employs a multimethod approach, combining analysis of GDPR text with relevant secondary sources and a comparative examination of selected case studies. The first chapter presents a literature review examining theoretical concepts concerning the EU’s international normative role. The key concepts analysed include Normative Power Europe, the Brussels Effect, and Digital Constitutionalism, which collectively provide a foundation for understanding the EU’s global influence. The second chapter offers a normative analysis of the GDPR, focusing on its key provisions. It examines not only the main actors and mechanisms involved, but also how the normative text serves as a bridge between the theoretical concepts discussed in the first chapter and the notion of extraterritoriality explored in the third chapter. The third chapter focuses on empirical case studies illustrating the extraterritorial reach of the GDPR. It presents cases categorised under the de jure Brussels effects as well as de facto Brussels effect, demonstrating the practical scope of the EU’s normative influence. The chapter also addresses the limits of this extraterritorial reach. The conclusion summarises the key findings of the thesis, reconsidering the theoretical concepts introduced in the first chapter in light of the insights gained from the normative and empirical analyses presented in the second and third chapters.