The various data protection authorities of the EU member states have been working on the basis of the GDPR for several years now. Since then there have been repeated complaints about the so-called one-stop shop rule. This states that GDPR violations should be processed by the authority in whose sphere of influence the headquarters of the accused company is located.
As a result, most of the cases directed against powerful US corporations such as Meta, Google or Apple are heard in Ireland. Ireland and, to a lesser extent, Luxembourg, where Amazon’s EU headquarters are located, have come under increasing criticism in recent years for their lax enforcement of data protection rules. Although they deny this and the Irish in particular have imposed some hefty penalties in recent times, the frustration in the sister authorities is still quite great in places, as certain questions simply do not get any further.
resistance is expected
The magazine reports that in Brussels they now want to establish clearer procedural rules with which large cases are to be processed political. In October, the European Data Protection Board sent the Commission a “wish list” of procedural changes to improve GDPR enforcement. Ideas include setting time limits for different procedural steps and harmonizing the rights of the different parties involved in investigations across the EU. The Commission now intends to present a draft of the concrete changes to the legal text by the summer.
It is also about making the design very compact and clear. This will certainly not be easy. The GDPR is seen as one of the EU laws most influenced by all sorts of lobbying interests. This sometimes leads to statements that are complex and incomprehensible or even contradictory, which further complicates working with the law.
“No one will be happy with the Commission’s proposal because data protection authorities agree on the problem but not on the solutions,” said Olivier Micol, head of the Commission’s data protection unit, which is leading work on the directive. Significant resistance is to be expected from the large tech companies in particular, since they naturally have no interest in the system becoming more efficient.
See also:
