GDPR Enforcement’s New Phase: More Predictability, and New Rules on the Way

Multiple signs suggest that enforcement of the GDPR, now in its sixth year, has entered a new and steadier phase across Europe. Nations’ data protection authorities (DPAs) have long fought over cases involving Big Tech companies, but two weeks ago the Irish regulator announced that no other European regulators objected to its €310‑million fine against LinkedIn Ireland. With insights from attorneys at A&O Shearman, Bird & Bird, Covington, IAPP, McDermott Will & Emery, and Steptoe, this two-part article series captures the latest practicalities that companies should understand about GDPR investigations and enforcement. This first installment examines the latest moves toward harmonization, key findings of the European Commission’s second-ever report about GDPR implementation and pending procedural rules for GDPR enforcement, which E.U. bodies start negotiating this month. Part two will delve into DPAs’ characteristic practices and nagging points of divergence between them. See “Compliance Takeaways From the Latest GDPR Enforcement Statistics” (Feb. 2, 2022).

To read the full article

Continue reading your article with a CSLR subscription.