EU Tightens Up GDPR Rules

July 5, 2023
Back
The European Commission has proposed a new law that will streamline cooperation between data protection authorities in the EU when enforcing the General Data Protection Regulation (GDPR) in cross-border cases.

The European Commission has proposed a new law that will streamline cooperation between data protection authorities in the EU when enforcing the General Data Protection Regulation (GDPR) in cross-border cases.

New rules that have been developed by the European Commission are aiming to incentivise strong enforcement of the GDPR in intra-member state investigations.

The new regulation will set up concrete procedural rules for the authorities when applying the GDPR in cases that affect individuals located in more than one EU member state.

For example, it will introduce an obligation for the lead data protection authority (DPA) to send a summary of key issues to their counterparts concerned, identifying the main elements of the investigation and its views on the case, and allowing them to provide their views early on in the process.

Speaking about the new law, European Commission vice president Věra Jourová praised the GDPR as a “synonymous for effective data protection law globally” but added more work was necessary.

“While the independent authorities are doing a tremendous work, it’s time to ensure we can operate faster and in a more decisive way,” she said, adding that this is especially important in serious cases in which one violation may have many victims across the EU.

“Our proposal lays down rules to guarantee smooth cooperation among data protection authorities, supporting more vigorous enforcement, to the benefit of the people and businesses alike.”

It is hoped that the proposal will contribute to a reduction in disagreements among various national authorities and facilitate consensus among authorities in the initial stages of the process.

In recent years, authorities such as the Irish Data Protection Commission have incurred criticism from regulators elsewhere in the EU for their action, or lack thereof, of bigtech firms such as Meta.

For individuals, the new rules will clarify what they need to submit when making a complaint and ensure that they are appropriately involved in the process.

For businesses, the new rules will clarify their due process rights when a DPA investigates a potential breach of the GDPR.

The rules will, therefore,bring swifter resolution of cases, which lays the groundworks for quicker remedies for individuals and more legal certainty for businesses.

For data protection authorities, meanwhile, the new rules are intended to smooth cooperation and enhance the efficiency of enforcement action.

Our premium content is available to users of our services.

To view articles, please Log-in to your account, or sign up today for full access:

Opt in to hear about webinars, events, industry and product news

To find out more about Vixio, contact us today
No items found.
No items found.