EU Mulls Conferring Binding Powers on Body of Data Privacy Regulators
A new body of European data protection authorities could have the power
to adopt legally binding decisions in cross-border disputes over a company’s
misuse of personal data, according to a draft document seen by Reuters. Under
a mechanism originally proposed in reforms of Europe’s data protection laws,
businesses operating across the 28-nation European Union would have to deal
only with the data protection authority in the country where they are headquartered
– even if alleged mishandling of data affects citizens in another country.
A new proposal by Italy, which holds the rotating European presidency, gives
all concerned authorities the chance to intervene in all stages of the decision-making
process. A failure to reach an agreement between the authorities concerned,
or even conflicts over which regulator should take the lead, would then be
arbitrated by the European data protection Board, with legally binding powers.