The GDPR in review: a good start but improvement necessary

Today marks the European Commission’s first review of the General Data Protection Regulation (GDPR) since its full application 2 years ago.

Markus J. Beyrer, Director General of BusinessEurope said: “Europe's digital capacity has proved vital throughout the COVID-19 crisis. The processing and movement of data has meant that Europe can continue to work, shop, study and carry out its personal life at distance. This is only possible because businesses in Europe have taken many steps to comply with the GDPR and were in good shape to uphold citizens privacy as they continued to carry out their daily lives online. We agree with the Commission that a revision seems premature as its impact is still being fully assessed, but we are concerned that the full possibilities of the GDPR are being diminished in practice. Application of all legal data processing possibilities should be permitted instead of forcing one method. The Commission should also understand the impact of the GDPR in relation to its ambitions to boost European excellence in artificial intelligence.”

Specifically, on the Schrems II case, Beyrer added: “We await the outcome of the Schrems II case and remain concerned at what this could do to the state of global data transfers which Europe relies upon to take part in the global digital economy. If the judgement rules a drastic change in international data flows, BusinessEurope calls on the European Data Protection Board to offer guidance on the use of grace periods”.