The EU General Data Protection Regulation has been in force for two years. Germany is exemplary, according to the Commission, Ireland and Luxembourg are problem children.
BRUSSELS taz | The EU Commission has asked Ireland and Luxembourg to do more to enforce European data protection rules. Justice Commissioner Didier Reynders said there was still some catching up to do in the implementation on Wednesday in Brussels. The EU countries would also have to do more for a common "data protection culture".
The European General Data Protection Regulation (GDPR) came into force two years ago. Among other things, it provides the option of checking the data recorded by websites. Also a "Right to be forgotten" is anchored in the GDPR. However, the rules do not prevent US companies such as Google or Facebook from systematically collecting data from European users. EU citizens can now take action against their national data protection authority. This new right is also being actively used, according to the EU Commission.
As soon as it comes to Europe-wide questions, only the authority of the country in which the provider has its European headquarters is responsible. On Facebook, this is Ireland – and the data protection officers in the Irish capital Dublin can hardly keep up with the processing of inquiries. The Irish authority has not yet closed a single case against Facebook. The EU Commission therefore wishes Ireland to make even greater use of the GDPR. The equipment of the authorities had improved significantly between 2016 and 2019, emphasizes the EU Commission. There was 42 percent growth in personnel and 49 percent in budget.
The situation is very different in the EU countries. Germany is considered exemplary, Ireland and Luxembourg are problem children, Slovenia has not even transposed the regulation into national law.
Criticism from the European Parliament
Data protection experts and IT experts still see many problems. Facebook continues to collect data from Internet users on a large scale, even if they are not logged in to the service. Google also collects data across Europe, for example when searching for a location. In addition, the GDPR has a big one Bureaucratic surge brought. Even bloggers, clubs and associations have to grapple with EU rules – and many details are still unclear.
Criticism also comes from the European Parliament. Many citizens would "have the feeling that they are harassed in everyday life, while large companies such as Facebook can continue to collect data unregulated," said Moritz Körner, FDP MEP. "A lax prosecution of data protection offenses must not be an advantage of location in the EU."