Article 59 GDPR: Difference between revisions
No edit summary |
(style consistency) |
||
Line 185: | Line 185: | ||
== Legal Text == | == Legal Text == | ||
<br /><center>'''Article 59 - Activity reports'''</center | <br /><center>'''Article 59 - Activity reports'''</center> | ||
Each supervisory authority shall draw up an annual report on its activities, which may include a list of types of infringement notified and types of measures taken in accordance with Article 58(2). Those reports shall be transmitted to the national parliament, the government and other authorities as designated by Member State law. They shall be made available to the public, to the Commission and to the Board. | Each supervisory authority shall draw up an annual report on its activities, which may include a list of types of infringement notified and types of measures taken in accordance with Article 58(2). Those reports shall be transmitted to the national parliament, the government and other authorities as designated by Member State law. They shall be made available to the public, to the Commission and to the Board. |
Revision as of 10:24, 8 March 2022
Legal Text
Each supervisory authority shall draw up an annual report on its activities, which may include a list of types of infringement notified and types of measures taken in accordance with Article 58(2). Those reports shall be transmitted to the national parliament, the government and other authorities as designated by Member State law. They shall be made available to the public, to the Commission and to the Board.
Relevant Recitals
No recitals seem to be available for this provision.
Commentary
Transparency
The main goal of the activity reports regulated by Article 59 GDPR consists of informing national and EU authorities as well as the larger public about the activities the data protection authority has performed over the previous year. Scholars highlights that these materials also contribute in developing a common opinion among different DPAs over new or contentious data protection issues.[1]
Content
In the black-letter of the law, the report "may include a list of types of infringement notified and types of measures taken in accordance with Article 58(2)". This wording does not seem to impose the authority a tight constraint in terms of contents. The report may include that information but if it does not, it is unlikely to be invalid. However, the report cannot end up resulting in a sterile formalistic exercise, carrying no substantive information. This would conflict with the accountability and transparency purpose enshrined by the provision itself and should therefore be avoided. [2]
Decisions
→ You can find all related decisions in Category:Article 59 GDPR