Europe’s GDPR is widely-discussed in today’s news cycles and for good reason. The regulation impacts many organizations throughout the world, and violations of the regulation can result in material fi nes. One aspect that isn’t widely discussed but an organization facing the possibility of a GDPR fi ne would want to know is how violations are identifi ed and fi nes decided upon. In other words, what’s the enforcement framework for GDPR?
Because the European Union (EU) is a union and not a federal government, its laws and regulations are directly enforced by its Member States. GDPR has required each Member State¹ to establish at least one independent supervisory authority (commonly referred to as data protection authorities, or DPAs), and these entities have responsibility to enforce GDPR in their respective Member State².
Views: 7
