The Dapix (information exchange and data protection) working party of the Council has on their agenda to prepare for the 2020 GDPR report. Indeed, the European Commission published a communication on the “Data protection rules as a trust-enabler in the EU and beyond – taking stock” on the 24th July 2019. With this Communication, the Commission (1) takes stock of the results achieved so far as in relation to the consistent implementation of the data protection rules across the EU, the functioning of the new governance system, the impact on citizens and businesses and the EU’s efforts in promoting global convergence of data protection regimes. It follows-up on the Commission Communication on the application of the Regulation of January 2018, and it has been informed by the work of the Multi-stakeholder Group, in particular its contribution to the one-year stocktaking exercise as well as the discussions held at the stocktaking event organised by the Commission on 13 June 2019. With this Communication, the Commission also (2) contributes to the review that the Commission plans to carry out by May 2020.
The Commission highlights the following in the press release:
- One continent, one law.
- Businesses are adapting their practices.
- Stronger role of data protection authorities.
- EU rules as reference for stronger data protection standards across the globe.
In the context of this evaluation and review, the Commission shall examine, in particular, the application and functioning of:
- Chapter V on the transfer of personal data to third countries or international organisations with particular regard to decisions adopted pursuant to Article 45(3) of this Regulation and decisions adopted on the basis of Article 25(6) of Directive 95/46/EC; and
- Chapter VII on cooperation and consistency.
According to Article 97 of the GDPR, the Commission shall submit a report on the evaluation and review of the Regulation to the European Parliament and the Council. The first report is due by 25 May 2020. The Commission shall take into account the positions and findings of the European Parliament and the Council, and of other relevant bodies and sources. The Commission may also request information from Member States and supervisory authorities. In the Commission factsheet on this Communication, FEDMA is very pleased to see that the Commission supports in this Communication Codes of Conducts under the GDPR. Also, the Commission includes as a takeway supporting and involving stakeholders, which is also a FEDMA priority.