CDE Almería - Centro de Documentación Europea - Universidad de Almería

Centro de Documentación Europea de la Universidad de Almería

The Council today adopted new rules to improve cooperation between national data protection authorities in enforcing the General Data Protection Regulation (GDPR), in order to speed up the process of handling cross-border data protection complaints.

The measures adopted will streamline administrative procedures concerning, for example, the rights of complainants or the admissibility of cases, thereby improving the efficiency of the application of the GDPR in cross-border cases.

Main elements of the new EU Regulation

  • Admissibility: the admissibility requirements for cross-border actions (i.e. whether or not a complaint qualifies for investigation) will be harmonised. Regardless of where in the EU a complaint is filed, admissibility will be assessed on the basis of the same information.
  • Rights of complainants and investigated parties: common rules will apply for the participation of the complainant in the procedure, the right of the investigated company or organisation to be heard and the right to receive the preliminary findings in order to express its opinion on them.
  • Simplified cooperation procedure: in simple cases, data protection authorities may decide, in order to avoid administrative burdens, to settle an action without recourse to the full set of cooperation rules.
  • Time limits: in future, an investigation should not take longer than 15 months; in more complex cases, this period can be extended by 12 months. In the case of a simplified procedure for cooperation between national data protection authorities, the investigation should be closed in 12 months.

Next steps

Today’s adoption by the Council is the last step in the legislative process. The Regulation will enter into force 20 days after its publication in the Official Journal of the European Union. It will apply 15 months after its entry into force.

Context

The GDPR has created a system of cooperation between national data protection authorities. These authorities, which are responsible for implementing the GDPR, are obliged to cooperate in data protection cases involving cross-border processing, which is the case, for example, where the complainant resides in a Member State other than that of the company under investigation.

In such cross-border cases, a single national authority assumes the role of lead authority in the investigation, but is obliged to cooperate with its counterparts in other Member States.

More information: European Council

Publicaciones relacionadas:

Council approves new rules for greater transparency in the funding of European parties and foundations Consumer protection: Council approves updated Alternative Dispute Resolution directive New rules on labelling of honey, juice, jam and marmalade adopted Council gives green light to single work and residence permit for third-country nationals Lobbying lawmakers: EU audit reveals transparency blind spots

“This is a space for debate. All comments, for or against publication, that are respectful and do not contain expressions that are discriminatory, defamatory or contrary to current legislation will be published”.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Politica de privacidad

El Centro de Documentación Europea de la Universidad de Almería utiliza cookies propias y de terceros para facilitar al usuario la navegación en su página Web y el acceso a los distintos contenidos alojados en la misma. Asimismo, se utilizan cookies analíticas de terceros para medir la interacción de los usuarios con el sitio Web. Pinche el siguiente enlace si desea información sobre el uso de cookies y como deshabilitarlas. <a href="/politica-de-cookies" rel="noopener" target="_blank">Más información</a>