The right to lodge a data protection complaint: OK, but then what? An empirical study of current practices under the GDPR

Gloria Gonzalez Fuster, Jef Ausloos, Damian Bons, Lee A. Bygrave, Bárbara da Rosa Lazarotto, Laura Drechsler, Olga Gkotsopoulou, Christopher Hristov, Kristina Irion, Lina Jasmontaite, Charlotte Kroese, Orla Lynskey, Maria Magierska

Onderzoeksoutput: Commissioned reportResearch

Samenvatting

Access to data protection remedies constitutes a core element of the enforcement of the General Data Protection Regulation (GDPR).15 Individuals confronted with a data protection infringement have the right to turn directly to the judiciary (Article 79 of the GDPR), but they have also the right to lodge a complaint with a Data Protection Authority (DPA) (Article 77 of the GDPR). They can lodge a complaint at the Member State of their habitual residence, of their place of work, or of the Member State of the place of the alleged data protection infringement. Data subjects also have the right to an effective judicial remedy against the decisions of DPAs, as well as in case of lack of action or lack
of information about the outcome or progress of their complaint (Article 78 of the GDPR). Individuals can decide to mandate certain civil society organisations to represent them in front of DPAs, or in front of courts (Article 80 of the GDPR).
Data protection remedies are directly linked to two fundamental rights of the European Union (EU): the right to the protection of personal data and the right to an effective judicial remedy, enshrined in Articles 8 and 47 of the EU Charter of Fundamental Rights, respectively. Data protection remedies are at the crossroads of the exercise of individuals' rights and the obligations imposed on DPAs.
Originele taal-2English
UitgeverijAccess Now
Opdrachtgevend orgaanAccess Now
Aantal pagina's69
StatusPublished - jun 2022

Vingerafdruk

Duik in de onderzoeksthema's van 'The right to lodge a data protection complaint: OK, but then what? An empirical study of current practices under the GDPR'. Samen vormen ze een unieke vingerafdruk.

Citeer dit