In response to criticism over delayed privacy investigations and perceived low fines for privacy breaches, the European Commission introduced new rules on Tuesday. The move aims to expedite the process of privacy probes into Big Tech.
The revamped procedures are designed to increase the speed and effectiveness of cross-border investigations.
Furthermore, these reforms will tackle the concerns regarding the current system’s insufficient deterrence against data protection violations.
The reform comes amidst widespread criticism of the existing General Data Protection Regulation (GDPR), which has been in effect since 2018.
Critics argue that the GDPR is falling short of its objective due to slow investigations and insubstantial penalties. This criticism has been particularly focused on the Irish Data Protection Commissioner (DPC).
The DPC leads EU regulation due to the large number of technology behemoths headquartered in Ireland. The DPC has been censured for its perceived leniency in imposing fines.
A Move to Enhance Accountability
The new rules aim to streamline investigations, improve cross-border cooperation and enhance accountability among tech companies.
According to the European Commission, these procedural aspects will support the prompt completion of investigations and the swift delivery of remedies to individuals.
Under the revised framework, the primary privacy authority has an obligation to share a summary of key issues with fellow authorities. They must do this early in the process to facilitate more efficient collaboration.
It also imposes common deadlines for cross-border collaboration and dispute resolution, aiming to streamline and expedite the process.
The new rules also safeguard the rights of complainants. In cases where complaints are entirely or partially rejected, the individuals have the right to be heard.
Additionally, if regulators decide to probe their complaints, complainants are entitled to proper involvement.
Tech companies under investigation have also been afforded additional rights, including the ability to access files and to be heard at critical stages in the process.
Criticism And Future Implications
The new procedures have drawn criticism from some quarters. Privacy activist Max Schrems, known for filing complaints against tech giants like Meta Platforms and Alphabet’s Google, denounced the procedures.
The Computer & Communications Industry Association, a tech lobbying group, also expressed reservations. It argues that the rules are inadequate in ensuring the rights of companies to appeal and to a fair hearing within a realistic timeframe.
The European Commission’s move indicates a growing push to adapt and enforce data privacy regulations amidst the ever-evolving digital landscape.
It is yet to be seen how these new rules will be implemented and their effect on Big Tech companies and their privacy practices.
