Computer & Communication Industry Association
PublishedFebruary 14, 2024

GDPR: European Parliament Position Misses the Mark, With Enforcement Becoming Even More Complicated

Brussels, BELGIUM – Tomorrow, the European Parliament’s leading Civil Liberties (LIBE) Committee is set to adopt its position on the proposal to introduce additional procedural rules on the General Data Protection Regulation’s (GDPR) enforcement. Yet, instead of improving the main EU privacy framework, LIBE is about to do the exact opposite. 

The goal of the original proposal is to streamline cross-border data protection procedures. By contrast, however, the LIBE Committee now suggests giving significantly more powers to complainants to intervene while limiting those of parties under investigation. 

Rather than streamlining enforcement, this risks turning any cross-border procedure into an adversarial one, warns the Computer & Communication Industry Association (CCIA Europe).

In addition, by increasing the competences of concerned supervisory authorities and the European Data Protection Board, Parliament would introduce a dramatic decision-making overhaul and undermine basic GDPR principles, such as the One-Stop-Shop mechanism. This will only lead to an increase in abusive complaints and further slow down already lengthy procedures.

De facto, the approach proposed by LIBE risks creating a two-speed EU data protection framework, which goes against the GDPR’s main objectives as well as the uniform application of fundamental rights. 

Parliament should abandon any plans that would undermine key principles enshrined in the EU’s data protection framework, CCIA Europe stresses. 

The GDPR enforcement proposal should complement existing rules and address some of the major shortcomings identified in the six years since the GDPR’s implementation. In other words, the EU needs to guarantee more effective enforcement of cross-border cases. 

The following can be attributed to CCIA Europe’s Senior Policy Manager, Claudia Canelles Quaroni:

“It is extremely worrisome to see that, instead of streamlining cross-border data protection procedures, the European Parliament is about to adopt a position that threatens to undermine the very spirit and core principles of the General Data Protection Regulation.”

“What both businesses and consumers need is more legal certainty. This means that much more work is needed to ensure that cross-border procedures are efficient and lead to satisfactory outcomes for all parties involved.”