{Disarmed} Ireland, we have a problem: 98% of tech data protection cases are unsolved
Google, Facebook, Apple, Microsoft and Twitter are some of the big tech companies that have their European headquarters in Dublin . This makes the Data Protection Commission ( DPC ) the body in charge of resolving privacy issues raised against these companies.
In fact, one in five complaints (21%) sent to regulatory bodies have been referred to the DPC.
In xiaomist.com The 15 largest fines that have been imposed by GDPR so farHowever, the growing number of complaints of abuse or violation of the GDPR regulations against these large companies is beginning to accumulate in the Irish body and a bottleneck is occurring .
Only 4 cases out of 164
Since the GDPR came into force, the DPC has accumulated cases of pan-European importance as the main authority to review them. As of May 2021, the number rises to 164 cases, according to an investigation by the Irish Civil Liberties Council (ICCL). However, 98% of these cases remained unsolved .
Furthermore, in the three years since European data protection regulations came into force (in May 2018) and May 2021, the Irish data protection agency has only forwarded four draft decisions to the Board. European Data Protection Agency (EDPB) for examination and approval .
"Ireland is the great bottleneck of the EU", states the report, which denounces that no other body that oversees the RGPD in the EU (such as the Spanish Data Protection Agency) can intervene if the Irish CPS "is granted his lead role in cases against large Ireland-based tech companies. As a result, the application of the EU GDPR against big technologies is paralyzed by the fact that Ireland does not deliver the draft decisions on cross-border cases. "
Meeting point
It should be noted that when complaints arise in multiple countries about GDPR compliance in relation to any Irish-based company, the DPC is designated as the lead supervisory authority by default to lead the investigation under the 'one-stop shop' principle.
Once the CPS issues a decision, it is usually forwarded to the European Data Protection Board and other data protection authorities for approval, before a final decision is made. This was the case, for example, of the fine against WhatsApp . Initially, from Ireland it was decided that the fine would be 50 million euros, but after the intervention of other European regulators and the EDPB, the Irish DPC increased the fine to 225 million euros .
Spain, an example to follow
Ireland, together with Spain, Germany, the Netherlands, France, Sweden and Luxembourg, handle 72% of all complaints sent between the bodies in charge of ensuring data protection in Europe.
The Irish Civil Liberties Council assures that the DPC is very slow to process these cases, which are accumulating. Meanwhile, he considers that the Spanish Data Protection Agency is a model to follow due to its performance , since it has submitted 41 draft decisions to the EDPB for cross-border cases, despite having a smaller budget than that of the DPC and a staff more reduced.
That is, according to this body, the APD solves ten times more projects than its Irish counterparts , also having a lower budget .
Complaints on the rise, lower budget
This organization also denounces that, despite the fact that every year the number of complaints for data protection grows throughout the European Union, most regulatory bodies see their budget reduced .
In xiaomist.com Spain, the country where the most GDPR fines were imposed in the first quarter of 2021According to their data, although there was a significant reinforcement since 2016 in preparation for GDPR , since then they have been reduced. The German agency is the one with the most resources: the 94.7 million euros of budgets represent one in every 3 euros (32%) of all the money that the regulatory bodies count.
On the other side of the scale are nine countries with budgets of less than 2 million euros per year.
-
The news Ireland, we have a problem: 98% of technology data protection cases are unsolved was originally published in xiaomist.com by Arantxa Herranz .
Comments
Post a Comment