Article 59 GDPR: Difference between revisions

From GDPRhub
Line 194: Line 194:
== Commentary ==
== Commentary ==


Transparency
=== Transparency ===
The main goal of the activity reports regulated by Article 59 consists of informing EU authorities as well as the larger public about the activities the data protection authority has performed over the previous year. Scholars highlights that these materials also contribute in forming a gradual common opinion among different DPAs over common and recurring data protection issues.<ref>''Boehm,'' in Kühling, Buchner, DS-GVO BDSG, Article 59 GDPR, Margin number 4 (Beck, 3rd edition 2020) (accessed 3.5.2021)</ref>


The main goal of the activity reports regulated by Article 59 consists of informing EU authorities as well as the larger public about the activities the data protection authority has performed over the previous year. Scholars highlights that these materials also contribute in forming a gradual common opinion among different DPAs over common and recurring data protection issues.<ref>''Boehm,'' in Kühling, Buchner, DS-GVO BDSG, Article 59 GDPR, Margin number 4 (Beck, 3rd edition 2020) (accessed 3.5.2021)</ref>
=== Content ===
In the black-letter of the law, the report "''may include a list of types of infringement notified and types of measures taken in accordance with Article 58(2)''". This wording does not seem to impose the authority a tight constraint in terms of contents. The report ''may'' include that information but if it does not, it is unlikely to be invalid. However, the report cannot end up resulting in a sterile formalistic exercise, carrying no substantive information. This would conflict with the accountability and transparency purpose enshrined by the provision itself and should therefore be avoided. <ref>This seems to be the position of ''Boehm,'' in Kühling, Buchner, DS-GVO BDSG, Article 59 GDPR, Margin number 4 (Beck, 3rd edition 2020) (accessed 3.5.2021)</ref>


== Decisions ==
== Decisions ==

Revision as of 14:58, 3 May 2021

Article 59 - Activity reports
Gdpricon.png
Chapter 10: Delegated and implementing acts

Legal Text


Article 59 - Activity reports


Each supervisory authority shall draw up an annual report on its activities, which may include a list of types of infringement notified and types of measures taken in accordance with Article 58(2). Those reports shall be transmitted to the national parliament, the government and other authorities as designated by Member State law. They shall be made available to the public, to the Commission and to the Board.

Relevant Recitals

You can help us fill this section!

Commentary

Transparency

The main goal of the activity reports regulated by Article 59 consists of informing EU authorities as well as the larger public about the activities the data protection authority has performed over the previous year. Scholars highlights that these materials also contribute in forming a gradual common opinion among different DPAs over common and recurring data protection issues.[1]

Content

In the black-letter of the law, the report "may include a list of types of infringement notified and types of measures taken in accordance with Article 58(2)". This wording does not seem to impose the authority a tight constraint in terms of contents. The report may include that information but if it does not, it is unlikely to be invalid. However, the report cannot end up resulting in a sterile formalistic exercise, carrying no substantive information. This would conflict with the accountability and transparency purpose enshrined by the provision itself and should therefore be avoided. [2]

Decisions

→ You can find all related decisions in Category:Article 59 GDPR

References

  1. Boehm, in Kühling, Buchner, DS-GVO BDSG, Article 59 GDPR, Margin number 4 (Beck, 3rd edition 2020) (accessed 3.5.2021)
  2. This seems to be the position of Boehm, in Kühling, Buchner, DS-GVO BDSG, Article 59 GDPR, Margin number 4 (Beck, 3rd edition 2020) (accessed 3.5.2021)