Following a request made by the Irish Council for Civil Liberties (ICCL), an Irish association that fights for the protection of fundamental rights, European data protection regulators will have to work together with the European Commission. The National Commission for Computing and Liberties (CNIL) and its European counterparts will regularly transmit information related to ongoing investigations into the General Data Protection Regulation (GDPR).
Ireland’s CNIL has been accused of being inactive and failing to enforce the GDPR
During the year 2022, the ICCL accused the Data Protection Commission (DCP), the Irish data protection authority, of being inactive on certain shares of companies in Ireland. The country is known for hosting European branches of American tech giants who come to set up shop in Ireland to take advantage of the low corporate tax rate. If this rate was 12.5%, it rose to 15% at the end of 2021 following the signing of an agreement with the OECD.
In March 2022, the ICCL even filed a complaint against the DCP. The reason given was “its failure to protect people from the largest data breach on record The non-governmental organization was referring to Google’s method for personalized targeting of online ads, Real-Time-Bidding (RTB).
Johnny Ryan, a member of the ICCL, had explained the reasons for his complaint, For 3 1/2 years I have been calling on the Irish Data Protection Commission to investigate and take action and they have not done so leaving all Europeans exposed to this case “. Since Google is headquartered in Ireland, only the DPC can react to Google’s non-GDPR compliant actions.
The European Commission is informed of all investigations involving personal data
In parallel with this case, the NGO has asked the European Commission to intervene on the matter. In December 2022, the EU mediator, the Irish Emily O’Reilly, recommended the European institution to monitor more closely all the affairs of the tech giants that fall under the responsibility of the DPC. The European Commission responded favorably to this request at the end of January 2023.
In its response, the institution says it wants to ask all regulators to share ” on a fortnightly and strictly confidential basis, an overview of large-scale cross-border investigations under the GDPR “. For each investigation, the European CNIL will have to transmit the file number, the name of the companies concerned, the type of investigation, the steps to be followed as well as the measures already taken against the organizations concerned.
In the a declarationJohnny Ryan expressed his delight,” Previously, large files sat idle for years. We should now see an acceleration of the investigation and execution; it will become obvious to everyone against which member states – those that do not apply the GDPR – the European Commission must act quickly “.
#Europe #informed #CNIL #investigations #related #GDPR
0 Comments