BackThe European Commission will strengthen its monitoring of the implementation of the EU’s data protection law, following an Ombudsman inquiry based on a complaint by the Irish Council for Civil Liberties.
It will now require detailed information every two months from all national data protection authorities (DPAs) on cross-border investigations related to potential infringement of the General Data Protection Regulation (GDPR).
The information should include details about the scope of the investigation, the data protection authorities concerned, and the investigatory measures taken. Until now, national DPAs were not required by the Commission to give such detailed and regular reports. The Commission will explain this new monitoring system and indicate what kind of information it has received in its next public report on the issue, due in 2024.
The strengthened monitoring comes after the Irish Council for Civil Liberties complained that the Commission was not collecting sufficient information to be able to properly assess GDPR implementation in Ireland. As many big tech companies in the EU have their HQ in Ireland, it is up to the Irish Data Protection Commission to investigate personal data issues that concern citizens across the EU.
The Ombudsman welcomes the constructive approach taken by the Commission and notes the importance of civil society in monitoring such matters and bringing them to the attention of her Office.
For more details and related documents on the case, please visit the website of the European Ombudsman.
Source: Office of the European Ombudsman, EU
