The European Commission completed its highly anticipated two year review of the General Data Protection Regulation ("GDPR") on June 24, 2020.
Overall, the Commission concluded that GDPR has strengthened the fundamental right to data protection, and contributed to raising awareness about the importance of privacy, both within the European Union and elsewhere around the world. Other regulators agreed with this overall assessment, including the European Data Protection Board.
Commissioner Věra Jourová, however, noted that there’s a “very serious to-do list” facing the Commission and member states going forward. “The European Data Protection Board and data protection authorities need to step up their work to provide a truly common European culture, provide more coherent and practical guidance, and work on vigorous but uniform enforcement,” Jourová said. “We have to work together, as the board and member states, to address concerns, particularly those of small and medium-size enterprises.”
Responding to the review, European Data Protection Supervisor Wojciech Wiewiórowski also emphasized, "We now need a stronger expression of genuine European solidarity, burden sharing and a common approach to ensure the enforcement of our data protection rules." "The outstanding success of the GDPR is the combination of many factors but the European data protection authorities’ ability to enforce EU rules is key, in particular if we want to address some harmful data practices by powerful global players."
Commission report: EU data protection rules empower citizens and are fit for the digital age