Five years of GDPR: Lessons for Procedures, Agencies and Powers

Lisette Mustert, Herwig C H Hofmann

Research output: Chapter in Book/Report/Conference proceedingChapterAcademicpeer-review

Abstract

After five years of General Data Protection Regulation (‘GDPR’) enforcement, the difficulties in the complex enforcement system have become apparent. Challenges for developing procedural rules for putting rights to the protection of personal data are manifold. The GDPR’s model has deficiencies resulting from overly complex composite procedures largely excluding individuals – especially complainants – from being able to play a meaningful role in the procedure, despite the fact that individual complaints raise the real-life issues necessary for enforcement. We argue in this chapter that agency design and the role of agencies in the procedures should be re-thought and, arguably, re-designed. This also is a matter not only for the role of the European Data Protection Board (‘EDPB’) but also of the European Commission in the system of data protection.

Original languageEnglish
Title of host publicationData Protection and Privacy
Subtitle of host publicationIdeas that Drive Our Digital World, Volume 16
EditorsHideyuki Matsumi, Dara Hallinan, Diana Dimitrova, Eleni Kosta, Paul de Hert
PublisherBloomsbury
Pages1-26
Number of pages26
Volume16
ISBN (Electronic)9781509975983
ISBN (Print)9781509976003
DOIs
Publication statusPublished - 2 May 2024

Keywords

  • Agencies
  • EU law
  • Enforcement
  • GDPR
  • Procedures

Fingerprint

Dive into the research topics of 'Five years of GDPR: Lessons for Procedures, Agencies and Powers'. Together they form a unique fingerprint.

Cite this