MEP cautious to approve GDPR evaluation

Detailed reports on the work of the Irish DPC since the implementation of the GDPR in 2018, shows they are not delaying or obstructing taking cases against big tech, argues Maria Walsh.

Published:

An Irish MEP has warned caution to approving a European vote later today (Thursday) that could pass a resolution including a brief but extremely critical reference to the Irish Data Protection Authority (DPA).

The Brussel's vote seeks to discuss the general state of affairs with regards to GDPR legislation in Europe under the title: 'Commission Evaluation Report on the Implementation of the General Data Protection Regulation Two Years after its Application’.

But the resolution heavily criticises the Irish (and Luxembourgish) DPA claiming that the DPAs in both countries are not living up to the standard of the DPAs in other Member States.

It also suggests that government interference or influence is having an effect on the lack of sanctions against big tech companies, or perhaps bias on behalf of the DPA.

North-West MEP and Fine Gael Representative on the Civil Liberties, Justice and Home Affairs Committee, Maria Walsh, says she fully supports the EU's GDPR rules.

She’d also like Europe's data protection laws to remain the “global gold standard” and believes to ensure this, it is important the EU consistently works to update and improve this legislation.

“Ireland has a much more intense caseload due to the presence of big tech headquarters. This not only affects the speed of how they manage their caseload, but it also places the onus on the Irish Data Protection Authority (DPA) to take up cases which other DPAs can avoid. We recognise the responsibility this places on the office of the Irish Data Protection Authority and Commissioner,” explained the Mayo-native.

“While we of course favour efforts to increase the efficiency of working methods and data protection, the text of this Resolution was unjustly critical of the Irish Data Protection Authority as it did not take all the facts into fair consideration and that is why we felt it important to abstain on the final vote.”

The ‘one stop shop’ mechanism, she suggests, means that the DPA responsible for dealing with a case must be the one where the HQs are based - therefore Irish DPA has the majority of the caseload for the entirety of the EU. “Given the volume, it can be slow,” notes Ms Walsh.

“The Irish Data Protection Commission shows prudence in its decisions, submitting cases to either the European Court of Justice or the European Data Protection Board, to ensure an adequate legal decision is made. This prudence can further slow the process.”

Detailed reports on the work of the Irish DPC since the implementation of the GDPR in 2018, shows they are not delaying or obstructing taking cases against big tech, argues Ms Walsh

“Last year they sanctioned Twitter, their first big tech corporation.”

Last month the Data Protection Commission Helen Dixon requested a hearing at the European Parliament to respond to claims about the DPC made during a hearing of its civil liberties, justice and home affairs (LIBE) committee. She then declined to attend a European Parliament committee meeting if it meant answering questions alongside privacy campaigner Max Schrems, as she believed that third parties should not be present.

Published: