MEP Maite Pagazaurtundúa said the delegation was concerned that Ireland’s data protection authority is ‘a bottleneck’ of GDPR enforcement.
Following a three-day visit to Dublin last week, a delegation of MEPs has called for an independent review of Ireland’s Data Protection Commission (DPC).
It is related to concerns around the effectiveness of GDPR implementation and the ‘one-stop shop’ mechanism.
Under GDPR’s ‘one-stop shop’ mechanism, companies such as Meta and Google are able to handle much of their GDPR responsibilities in one EU country. This means that many data protection investigations fall to regulators in countries where Big Tech companies have European headquarters – including Ireland.
The Irish DPC acts as the EU’s lead data supervisor for several major US tech players that have European headquarters in Ireland, including Meta, Google, TikTok and Twitter. This month, Instagram was issued the DPC’s largest ever fine for breaching EU data protection rules.
However, Ireland’s data watchdog has faced criticism over how it has been handling GDPR complaints against Big Tech.
After the recent visit to Dublin, Spanish MEP Maite Pagazaurtundúa said that the delegation “remains concerned by the Irish data protection authority being a bottleneck of the one-stop-shop mechanism”.
Review of DPC ‘would be of help’
Pagazaurtundúa was visiting Dublin along with colleagues from the European Parliament. During their stay, they met key figures and stakeholders of data protection in Ireland.
This included Minister for Justice Helen McEntee, TD, Data Protection Commissioner Helen Dixon, a Joint Oireachtas Committee on Justice, and representatives from tech companies such as Meta, TikTok and Microsoft.
Pagazaurtundúa said that while they were able to have “a number of extremely worthwhile and insightful exchanges”, the delegation believes an independent review of DPC’s procedures and actions “would be of help”.
“We support a number of recommendations endorsed by the Joint Oireachtas Committee on Justice in their report on GDPR enforcement in Ireland.”
Other members of the delegation of MEPs visiting Ireland included Birgit Sippel of Germany, Paul Tang of the Netherlands, Gwendoline Delbos-Corfield of France and Clare Daly of Ireland.
“Addressing these issues is essential for the protection of personal data and, by extension, the fundamental rights, of hundreds of millions of EU citizens,” added Pagazaurtundúa, who led the delegation.
This is not the first time the Irish DPC has been described as a “bottleneck of GDPR investigation and enforcement”.
But Dixon defended the DPC’s track record in enforcing GDPR earlier this year. The Irish Government is also set to appoint two additional commissioners to support the needs of the DPC and help it deal with “an increased workload with increasingly complex investigative requirements”.
10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.