On February 26, 2019, the European Data Protection Board (the "EDPB") presented its first overview of the GDPR's implementation and the roles and means of the national supervisory authorities to the European Parliament (the "Overview").
The Overview provides key statistics relating to the consistency mechanism among national data protection authorities ("DPAs"), the cooperation mechanism of the EDPB, the means and powers of the DPAs and enforcement of the GDPR at the national level.
Key takeaways and statistics from the report include:
642 procedures have been initiated to identify the lead DPA and concerned DPAs in cross-border cases. 306 of these procedures have concluded with the lead supervisory authority identified. 30 different DPAs have registered a total of 281 cases with cross-border components in the Internal Market Information system- an IT system that provides a method of information sharing among supervisory authorities. The main topics of these cases relate to the exercise of individual rights, consumer rights and data breaches. 45 one-stop-shop procedures were initiated by DPAs from 14 different EEA countries 23 cases are currently at the informal consultation stage, 16 are at the draft decision stage and 6 cases have been finalized. 444 mutual assistance requests, both formal and informal, have been triggered by DPAs from 18 different EEA countries. Consistency Mechanism
The EDPB has adopted 28 consistency opinions regarding the national lists of processing subject to a data protection impact assessment. The EDPB also has adopted a consistency opinion on a draft administrative arrangement for the transfer of personal data between financial supervisory authorities. The...