HLE Blogger Eduardo Ustaran wonders if appointing a sole EU data protection regulator is a no brainer
"The recent International Privacy Commissioners’ Conference in Uruguay provided a perfect forum as a neutral ground for a fierce policy debate. Regulators and other influential stakeholders in the privacy world locked horns for three days to make the most of this annual gathering. One of the immediate outcomes was the realisation that much work remains to be done if we are to achieve the necessary balance between progress and protection. No other issue symbolised the need for this balance better than the ‘one stop shop’ principle under the proposed EU data protection regulation—the sole competence of one single regulator over the same controller all over the European Union.
As a concept, this principle seems like a no brainer that everyone would be happy with. If anything, having a single regulator with responsibility for supervising the activities of a corporate group across the EU on the basis of the same law should be the most efficient way of managing the limited time and resources that data protection authorities have. If the organisation to be supervised operates on a pan-European basis and the law is the same everywhere, surely this approach is the most logical in the absence of a central European regulator. However, why is it that this concept is proving so difficult to shape to everyone’s satisfaction? There is even a precedent with the concept of a ‘lead authority’ for BCR authorisations which has been working quite effectively for years now. Are national interests preventing this principle from working or is there a more fundamental issue getting in the way?...”
To continue reading go to: www.halsburyslawexchange.co.uk
