Recent searches
Search options
This morning: we publish analysis of #GDPR enforcement as we near 5 years.
75% of Ireland's GDPR decisions in EU-level cases have been overruled by the European Data Protection Board.
See the link for more.
Nearly all (87%) cross-border GDPR complaints to Ireland repeatedly involve the same eight Big Tech companies. Instead of fully investigating, the Irish DPC chooses “amicable resolution” to conclude 83% of the cross-border complaints it receives, according to its own statistics.
Using "amicable resolution" for repeat offenders, or for matters likely to impact many people, contravenes European Data Protection Board guidelines.
(EDPB doc --> https://edpb.europa.eu/system/files/2022-06/edpb_guidelines_202206_on_the_practical_implementation_of_amicable_settlements_en.pdf)
Almost 5 years after the #GDPR, there has been little substantial enforcement in EU-level cases.
The EDPB register of final decisions reveals that most (64%) of the 159 enforcement measures by late 2022 were merely reprimands.
(Excludes "amicable resolutions")
Lack of funding does not appear to be the problem. Europe's GDPR watchdogs now have a combined budget of 1/3 billion Euro.
The Irish DPC's budget now ranks among the top five EU countries.
A strong piece on our report in Le Monde this morning on our report @lemonde
Le Monde's headline: "Five years after the GDPR, GAFAM are spared by the Irish enforcer".
@johnnyryan Amazing reporting, kudos and well done. The recent feedback for EU's GDPR enforcement also has a lot of good points (including yours). The EU would hopefully take this into account, but it is clear that Member States also have important improvements to make.