EU report finds GDPR working, but more enforcement needed

News General Europe 24 JUN 2020
EU report finds GDPR working, but more enforcement needed

The EU's General Data Protection Regulation is meeting most of its objectives, with the creation of a strong culture of data protection with enforceable rights, an evaluation of the regulation found. Two years after the landmark regulation took effect, the first major evaluation found that more work is needed still to ensure the rules are applied uniformly across the EU and cross-border cases are handled more efficiently. 

In a statement on the evaluation report, the European Commission praised the GDPR as a "reference point around the world" for a high level of personal data protection. In addition to strengthening citizens' rights and raising their awareness on key elements of digital services, the regulation is creating a new governance culture among businesses, the Commission noted. Some companies have started to compete based on the high level of data protection provided, and concepts such as privacy by design are inspiring new forms of innovation. 

The main challenge since the GDPR took effect in 2018 has been enforcement. Most national data protection regulators have needed a big increase in staff and budgets in order to handle the jump in GDPR-related complaints and investigations. Overall, there has been a 42 percent increase in staff and 49 percent rise in budgets for all national data protection authorities together in the EU between 2016 and 2019. However, there are still "stark differences" across the member states, the report found. 

The national authorities are also struggling with the 'one-stop shop' concept, which allows companies operating in multiple countries to answer to a single national regulator where they are based. Only 79 decisions had been issued in such cross-border cases as of the end of 2019. In particular, the Irish regulator has come under fire for its slow investigation of complaints against big multinationals such as Facebook and Google. The handling of cross-border cases "calls for a more efficient and harmonised approach and an effective use of all tools provided in the GDPR for the data protection authorities to cooperate," the Commission said. 

The European Data Protection Supervisor, which helps coordinate EU policy on data protection, said it agreed with the Commission's positive evaluation, while noting that the "consistent and efficient enforcement of the GDPR remains a priority". The EDPS called for more "solidarity" among countries and said it supported the idea of setting up a pool of experts that can help national authorities when they are dealing with complex and demanding cases. 

Additional evaluations of the GDPR will be conducted every four years going forward. 

Categories:

General

Regions:

Europe

Tags:

Regulations, Legislation - Lawsuits

Related Articles

EUROPE 24 FEB 2023

EDPS starts pilot to encourage local open-source software at EU agencies

The European Data Protection Supervisor (EDPS) announced a pilot project using open-source software Nextcloud and LibreOffice Online. Under the agreement with the two providers, all EU institutions and agencies (EUIs) will have access to tools compliant with EU data-protection law, including filesharing, messaging, video-calling, and collaborative drafting in a secured cloud environment. The EDPS said that sourcing these from a single entity in the EU avoids the use of sub-processors and thus data transfers

EUROPE 27 MAY 2021

EDPS to probe use of AWS and Microsoft cloud services following 'Schrems II' ruling

The European Data Protection Supervisor, which helps coordinate EU policy on data protection, said it has launched an investigation into the use of cloud services provided by Amazon Web Services and Microsoft following last year's "Schrems II" judgment on the transfer of Europeans' personal data to the US. The EDPS said it will also probe the use of Microsoft Office 365 by the European Commission.

EUROPE 25 JAN 2021

EU may fine WhatsApp EUR 50 mln for privacy violations - report

Ireland's Data Protection Commission may fine WhatsApp EUR 30-50 million for failing to meet transparency requirements under the EU's privacy regulation, according to three people with direct knowledge of the procedure who spoke with Politico. WhatsApp may also be required to change the ways in which it manages its end-users' data.

EUROPE 15 DEC 2020

Twitter fined EUR 450,000 by DPC for breach of GDPR regulations

Twitter has been fined EUR 450,000 by Ireland's Data Protection Commission (DPC) for a breach of the EU's GDPR regulations. The Irish privacy watchdog is in charge of monitoring Twitter's operations across the EU. 

EUROPE 10 DEC 2020

Twitter, Vimeo, WordPress push for EU flexibility in new rules to take down illegal content

Twitter, Vimeo, Mozilla and WordPress.com's owner Automattic asked the EU to take a flexible strategy towards harmful and illegal online content instead of blanket rules requiring content removal. The companies said such an approach would help preserve an open internet. 

EUROPE 19 OCT 2020

Irish watchdog investigating Instagram's handling of children's personal data

David Stier, a US data scientist who first discovered the loophole, estimates that as many as 5 million children had personal details exposed when they switched from a personal to a business setting to receive statistics on how popular their photos and videos were. No proof is required that the user actually runs a company, meaning personal contact details such as phone numbers and email addresses were publicly displayed on their profile, allowing anybody to contact the children outside of the app.

EUROPE 18 AUG 2020

Noyb files privacy complaints over 100 European companies still sharing data with Google, Facebook

Telecom operators Tele2, Free Mobile and Fastweb are among the over 100 companies facing complaints from the privacy rights group Noyb. The group led by Max Schrems said the companies' websites are still using Google and Facebook code that allows data on users to be sent to the US, despite the EU Court of Justice declaring this illegal a month ago. 

EUROPE 29 JUL 2020

Court temporarily halts EU data demands in Facebook antitrust case

The EU General Court has accepted Facebook's request to temporarily halt requests for data from EU antitrust regulators on the grounds that they are excessively personal, reports Reuters. The European Commission is investigating the technology giant's data and online marketplace practices and has so far received 315,000 documents from Facebook, equivalent to 1.7 million pages, many of which reportedly contain highly personal details.

EUROPE 28 JUL 2020

Facebook sues EU antitrust regulator for 'highly personal' data requests

The documents contain employees' medical information, personal financial documents and private information about family members of employees, said the executive, adding that the company has been forced to ask for the requests to be reviewed by the EU courts, with the EC pledging to defend its case in court. An unnamed source cited in the report said EU regulators are looking for about 2,500 search phrases which include "big question", "shut down" and "not good for us".

EUROPE 25 MAY 2020

Irish regulator progresses in GDPR cases against Twitter, WhatsApp, Facebook

The Irish Data Protection Commission (DPC) announced it's making progress on investigations into major social media companies thought to have violated the EU's General Data Protection Regulation. This includes procedures against Twitter, WhatsApp and Facebook.

EUROPE 14 MAY 2020

Noyb.eu files formal GDPR complaint against Google

Austria-based non-profit organiation Noyb said it filed a formal GDPR complaint against Google with the Austrian data protection authority for illegally tracking users through an "Android Advertising ID". The gathered data with this unique tracking ID is passed on to countless third parties in the advertising ecosystem. Noyb said end-users have no real control over it as Google doesn't allow them to delete their IDs, just to create new ones. 

EUROPE 21 JAN 2020

EU privacy law reaches over EUR 114 mln in fines after 20 months

EU countries have issued a total of just over EUR 114 million in fines for violations of the General Data Protection Regulation since the privacy legislation took effect in May 2018, research by DLA Piper shows. The number of complaints about potential GDPR violations continues to increase, according to the report. 

EUROPE 9 JAN 2020

German privacy chief says GDPR enforcement top priority in 2020

The German Federal Commissioner for Data Protection and Freedom of Information (BfDI) said that the regulator's primary goal in 2020 will be to strongly enforce the General Data Protection Regulation (GDPR) at IT companies at European level. Important decisions by the European Court of Justice on international data transfers are expected on this front, the Commissioner added. 

EUROPE 18 NOV 2019

Microsoft gives cloud customers greater control over personal data after EU concerns

Microsoft has announced changes to its privacy policy for customers using online services, following concerns from the Dutch government over disclosure of how it handles customer data. The company said that following feedback from the Dutch justice ministry, it will implement the changes worldwide for Microsoft commercial cloud customers, giving customers greater control over how the company collects personal data. 

EUROPE 11 JUL 2019

Swedish data authority co-chairs European working group on harmonising GDPR breach penalties

The Swedish Data Inspection Authority said it has been named joint chair with its UK and Dutch counterparts of the European Data Protection Board's working group on harmonising sanctions for GDPR breaches. The Swedish delegates will be led by lawyer The data inspection will be led by the lawyer Frida Orring.

Just In

19 DEC 16:42

SLT-Mobitel launches 5G network in Sri Lanka

19 DEC 16:19

Dialog Axiata launches 5G network, connects 1.5 million subscribers

19 DEC 15:56

UK govt to ban AI-enabled nudification apps to protect women, girls

19 DEC 15:42

3 UK launches last-minute Christmas sale

Commentary

13:56

Video market set for slower growth ahead

11:38

Netflix buys Warner Bros to deepen content catalogue

11:11

KPN's mixed performance in Q3 raises questions for strategy day

15:26

Stock markets breaking records but what happened to Odido's IPO plans?

Background

01:04

The week in telecom: Wi-Fi bolt-ons take off to boost broadband growth, video market works on consolidation

01:39

The week in telecom: Netflix wins bidding for Warner Bros, Apple poaches new execs, Samsung debuts trifold

13:51

Proximus vs. Telenet: Proximus performs better in Q3 while Telenet uses up cash

14:16

Proximus Domestic still struggling with low margins

Complete profile

Before downloading the whitepaper, we would like to ask you to complete your profile with company and position. After confirming you will receive the white paper.