Five years in, GDPR still a lightning rod for criticism


The European Union’s privacy regulation might be the most influential data protection law in the world, but it risks losing credibility if enforcement is not harmonized and “privacy by design” is not at the heart of tech innovation.

EU officials, speaking as part of a panel discussion in Brussels on Tuesday to mark the fifth anniversary of the General Data Protection Regulation (GDPR) coming into force, agreed enforcement approaches and information sharing between data protection authorities (DPAs) must improve if the regulation is going to work effectively.

Cross-border investigations into Big Tech firms under the GDPR have been especially slow to progress, with often startling differences of opinion among DPAs about the extent of harm caused by noncompliance, what level of fine should be appropriate, and which parts of the GDPR have been breached.

lock iconTHIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.