EU GDPR implementation: Many obstacles to tackle
In a panel discussion at the CPDP conference today in Brussels, Bruno Gencarelli from the European Commission said that the Commission would now look into developing tools for compliance such as codes of conduct. Jan Philip Albrecht from the European Parliament said that the new regime will introduce some new important aspect to enhance compliance such as privacy icons, and allow opt-outs with browser settings. He thought that the Trilogue parties have managed to come up with a text that does not only successfully modernise DP law, but also sends an important signal to the world of the EU being able to deliver in the globalised digital market. Gencarelli agreed that the end result is good and said that the Commission is pleased that the outcome relies largely on accountability.
More critical was Michal Boni, MEP, who said that the 54 exemptions that allow for national implementation need to be monitored so as not to lose harmonisation. He said that the European Data Protection Board ( EDPB) should issue guidance on definitions and the technical aspects. It is also necessary to make sure that appropriate guidance will be issued to small and medium sized enterprises.
Alex Voss, MEP said that the text is too complex and creates legal uncertainty. There are too many exemptions and therefore the text is somewhere between a Directive and a Regulation, he said. Big companies may be tempted to leave the European marketplace altogether, he threatened. The EDPB will have too many competences and will be too powerful. He compared it to the 'Chinese Central Committee.'
Albrecht said that the opposite was true for companies - they are coming to Europe because of a level playing field and reliance on one set of rules. 'If you implement the standards you will gain consumer trust,' he said.