GDPR requirements state that companies are under the jurisdiction of the country in which they are headquartered. Any privacy challenges are thus handled by the country in question. Not every European institution agrees with this, however. Since most of Europe’s large tech companies are based out of Ireland and Luxembourg, some have argued that those two countries hold an unfair amount of influence over GDPR enforcement. These same regulations also make challenges tough when an international entity, such as Facebook, is involved.
Certain European officials are pushing for centralization of GDPR enforcement. Citing existing EU-wide regulations as a precedent, they claim that centralizing GDPR operations will prevent any single country from holding too much influence and streamline enforcement. Others counter that the GDPR’s very existence points toward significant progress in the privacy field, and that extensive changes aren’t necessary. Their hope is to improve enforcement without significant changes to the GDPR.
This debate has potentially far-reaching implications. Privacy laws such as the CDPA and PIPL were heavily influenced by the GDPR’s regulations, which are now under fire. Governments around the world might have to take a closer look at their own privacy laws and determine if changes are necessary for them too.
It’s unclear how these developments will affect the GDPR. But whatever happens, 4Comply can make it easy to keep up with the changes. To learn more about 4Comply and the potential future of European privacy laws, contact us today.