{"id":13645,"date":"2020-07-22T10:12:36","date_gmt":"2020-07-22T09:12:36","guid":{"rendered":"https:\/\/www.worldpolicyconference.com\/?p=13645"},"modified":"2020-07-22T10:12:36","modified_gmt":"2020-07-22T09:12:36","slug":"didier-reynders-we-will-take-all-necessary-initiatives-to-have-a-correct-implementation-and-also-we-will-analyse-the-necessity-to-introduce-infringement-policies","status":"publish","type":"post","link":"https:\/\/www.worldpolicyconference.com\/fr\/didier-reynders-we-will-take-all-necessary-initiatives-to-have-a-correct-implementation-and-also-we-will-analyse-the-necessity-to-introduce-infringement-policies\/","title":{"rendered":"Didier Reynders: \u201cWe will take all necessary initiatives to have a correct implementation and also, we will analyse the necessity to introduce infringement policies\u201d"},"content":{"rendered":"<section class=\"ea-post-title\">\n<h1>Commission to \u2018analyse necessity\u2019 of GDPR infringement procedures<\/h1>\n<\/section>\n<section class=\"row\">\n<article class=\"ea-article col-xs-12 col-sm-12 col-md-8 col-lg-8\">\n<div class=\"ea-article-header\">\n<div class=\"ea-article-meta clearfix\">\n<p class=\"ea-byline\">By\u00a0Samuel Stolton\u00a0|\u00a0EURACTIV.com\u00a0|\u00a014.07.2020<\/p>\n<p><a href=\"https:\/\/www.worldpolicyconference.com\/wp-content\/uploads\/2020\/07\/european_commission_didier_reynders_wpc.jpg\"><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone size-full wp-image-13646\" src=\"https:\/\/www.worldpolicyconference.com\/wp-content\/uploads\/2020\/07\/european_commission_didier_reynders_wpc.jpg\" alt=\"\" width=\"800\" height=\"450\" srcset=\"https:\/\/www.worldpolicyconference.com\/wp-content\/uploads\/2020\/07\/european_commission_didier_reynders_wpc.jpg 800w, https:\/\/www.worldpolicyconference.com\/wp-content\/uploads\/2020\/07\/european_commission_didier_reynders_wpc-300x169.jpg 300w, https:\/\/www.worldpolicyconference.com\/wp-content\/uploads\/2020\/07\/european_commission_didier_reynders_wpc-768x432.jpg 768w\" sizes=\"(max-width: 706px) 89vw, (max-width: 767px) 82vw, 740px\" \/><\/a><\/p>\n<p>The European Commission will consider the necessity of introducing infringement procedures against member states that fail to comply with the EU\u2019s general data protection regulation (GDPR), the Commission\u2019s Justice Chief Didier Reynders has warned.<\/p>\n<p>His comments came following the recent publication of the Commission\u2019s\u00a0<a href=\"https:\/\/www.euractiv.com\/section\/digital\/news\/leak-commission-pushes-uk-for-high-degree-of-convergence-in-gdpr-review\/\" target=\"_blank\" rel=\"noopener noreferrer\">GDPR review<\/a>, which highlighted several shortfalls across member states in terms of compliance with the EU\u2019s data protection.<\/p>\n<p>In the review, published towards the end of June, Ireland and Luxembourg were singled out as being under-resourced to the extent that their ability to ensure adequate GDPR compliance in their countries should be hindred.<\/p>\n<p>Despite Reynders\u2019 comments \u2013 a reiteration of previous Commission warnings in the past \u2013 he did, however, note that enacting infringement procedures isn\u2019t the first step the executive would take in GDPR shortcomings.<\/p>\n<p>\u201cWe will take all necessary initiatives to have a correct implementation and also, we will analyse the necessity to introduce infringement policies,\u201d Reynders said.<\/p>\n<p>\u201cBut as you know, that is not the first tool,\u201d he continued. \u201cThe first tool is to try to have correct implementation by the member states and with enough resources to all the different national data protection authorities.\u201d<\/p>\n<p>The GDPR gives powers to privacy authorities across the EU to enforce fines of up to 4% of global revenue or \u20ac20 million, whichever is higher. The largest fine to date has been the French data protection authority\u2019s \u20ac50 million penalty against Google in 2019 for a lack of transparency.<\/p>\n<p><strong>The Irish question<\/strong><\/p>\n<p>Reynders added that action against Ireland, the lead authority for actions involving several of the Big Tech firms, would be taken \u201cif needed\u201d.<\/p>\n<p>The Irish Data Protection Commission, led by Helen Dixon, has sanctioned\u00a0<a href=\"https:\/\/www.euractiv.com\/section\/digital\/news\/irish-regulator-reaches-preliminary-decision-in-twitter-privacy-probe\/\" target=\"_blank\" rel=\"noopener noreferrer\">just one action<\/a>\u00a0for GDPR breaches, a preliminary decision of a probe of a 2019 Twitter bug that led to protected tweets being made public.<\/p>\n<p>Dixon has previously\u00a0<a href=\"https:\/\/www.irishtimes.com\/business\/technology\/data-protection-commission-disappointed-at-budget-allocation-1.4045248\" target=\"_blank\" rel=\"noopener noreferrer\">lamented<\/a>\u00a0that the Irish DPC is under-resourced when analysing the volume of complaints it is required to process, after receiving less than a third of the budget it had called for in 2020.<\/p>\n<p>This was a point raised in the Commission\u2019s recent GDPR review.<\/p>\n<p>\u201cGiven that the largest big tech multinationals are established in Ireland and Luxembourg, the data protection authorities of these countries act as lead authorities in many important cross-border cases and may need larger resources than their population would otherwise suggest,\u201d the document states.<\/p>\n<p>However, lawmakers in the European Parliament have recently raised the issue of the under-funding of national data protection authorities, noting that it should not necessarily be used as an excuse for a lack of actions taken out. Member states that don\u2019t resource their national data protection authorities as appropriate should face punitive measures, EU lawmakers claimed.<\/p>\n<p>Addressing Reynders yesterday, Irish leftist MEP Clare Daly (GUE\/NGL) spoke specifically about the situation in her country, putting the lack of enforcement rulings in Ireland down to the fact that Ireland plays home to some of the world\u2019s most profitable tech giants \u2013 and would seemingly hope to continue to do so.<\/p>\n<p>\u201cIreland, as we know, has an economic policy with light-touch regulation to foreign multinationals. Our senior politicians have been called basic lobbyists for the big tech companies,\u201d she said.<\/p>\n<p>\u201cAgainst that backdrop, then, is it any wonder that we\u2019ve had 24 investigations in Ireland into the big tech companies, and no fines issued? So when you say that you\u2019re going to look at infringement proceedings for countries which don\u2019t resource their DPAs \u2013 but you\u2019re going to talk to them first \u2013 I don\u2019t think that\u2019s really good enough.\u201d<\/p>\n<p>The European Commission has warned that privacy enforcement authorities in Ireland and Luxembourg possibly require \u201clarger resources\u201d in the GDPR review, even though the two countries have seen a significant increase in their staff numbers between 2016 and 2019. Ireland saw the largest upturn of EU member states, with a 169% increase in staff during this period, while Luxembourg saw an increase of 126%.<\/p>\n<p>However, for Daly, this data is misleading. On Monday (13 July), she rebutted the notion that the Irish DPC had an increase commensurate with their competencies.<\/p>\n<p>\u201cIn 2016, they had an office over a small shop in a Midlands town, so that type of increase is actually nothing,\u201d Daly said.<\/p>\n<p>Meanwhile, Austrian privacy activist Max Schrems has also recently spoken out against the idea that the Irish DPS is not adequately resourced.<\/p>\n<p>\u201cIreland is one of the best-funded DPAs in Europe,\u201d Schrems said as part of a media briefing on Monday (13 July). \u201cThe Irish DPA has 140 people for it.\u201d<\/p>\n<p>\u201cBlaming it only on funding is shifting the blame.\u201d<\/p>\n<p>The Austrian privacy activist this week faces a showdown at the European Court of Justice as judges decide on the legality of the EU\u2019s Standard Contractual Clauses (SCCs) which are used for worldwide data transfer agreements.<\/p>\n<p><em>(Edited by Fr\u00e9d\u00e9ric Simon)<\/em><\/p>\n<\/div>\n<p><a href=\"https:\/\/www.euractiv.com\/section\/data-protection\/news\/commission-to-analyse-necessity-of-gdpr-infringement-procedures\/\">Read the article on Euractive&rsquo;s website.<\/a><\/p>\n<\/div>\n<\/article>\n<\/section>\n","protected":false},"excerpt":{"rendered":"<p>Commission to \u2018analyse necessity\u2019 of GDPR infringement procedures By\u00a0Samuel Stolton\u00a0|\u00a0EURACTIV.com\u00a0|\u00a014.07.2020 The European Commission will consider the necessity of introducing infringement procedures against member states that fail to comply with the<\/p>\n","protected":false},"author":3,"featured_media":13647,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23],"tags":[],"class_list":["post-13645","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-room"],"_links":{"self":[{"href":"https:\/\/www.worldpolicyconference.com\/fr\/wp-json\/wp\/v2\/posts\/13645","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.worldpolicyconference.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.worldpolicyconference.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.worldpolicyconference.com\/fr\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.worldpolicyconference.com\/fr\/wp-json\/wp\/v2\/comments?post=13645"}],"version-history":[{"count":0,"href":"https:\/\/www.worldpolicyconference.com\/fr\/wp-json\/wp\/v2\/posts\/13645\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.worldpolicyconference.com\/fr\/wp-json\/wp\/v2\/media\/13647"}],"wp:attachment":[{"href":"https:\/\/www.worldpolicyconference.com\/fr\/wp-json\/wp\/v2\/media?parent=13645"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.worldpolicyconference.com\/fr\/wp-json\/wp\/v2\/categories?post=13645"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.worldpolicyconference.com\/fr\/wp-json\/wp\/v2\/tags?post=13645"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}