Brave filed a complaint to the European Commission against 27 Member States for failing to adequately implement the GDPR by under resourcing their DPAs.
Two years after the GDPR was first applied, the GDPR is now in danger of failing. Today, Brave reveals why: the governments of EU Member States have not given data protection authorities (DPAs) the tools they need to enforce the GDPR.
Brave is requesting that the European Commission launch an infringement procedure against the European Member State Governments, and refer them to the European Court of Justice if necessary.
- Only five of Europe’s 28 national GDPR enforcers have more than 10 tech specialists – Europe’s GDPR enforcers do not have the capacity to investigate Big Tech
- Half of EU GDPR enforcers have small budgets (under €5 million). EU governments have not given their GDPR enforcers the not have the capacity to defend their decisions against ‘big tech’ companies in court on appeal.
- Almost a third of the EU’s tech specialists work for one of Germany’s Länder (regional) or federal DPAs. All other EU countries are far behind Germany.
- The Irish Data Protection Commission is Google and Facebook’s ‘lead authority’ GDPR regulator in Europe. But while the number of complaints it deals with is accelerating, increases to its budget and headcount are decelerating.
New data on GDPR enforcement agencies reveal why the GDPR is failing by Johnny Ryan from Brave