75% of Ireland’s GDPR decisions since 2018 overruled
In last five years, the European Data Protection Board (EDPB) has overruled a whopping 75% of decisions made by the Ireland’s Data Protection Commission (DPC) in EU cases. This figure jumps to 88% if you exclude three cases that are yet to be included in the EDPB’s register of final decisions.
As the home base of tech giants DPC is the lead authority in data protection complaints against companies like Google, Meta, Apple, TikTok, Microsoft, Airbnb, Yahoo!, Twitter and Tinder. Those 8 companies are involved in some 87% of cross-border GDPR complaints to Ireland’s DPC.
However, Ireland is identified as ‘the bottleneck of enforcement’ in Europe when it comes to major cross-border cases. The DPC appears to favor amicable resolutions instead of using enforcement measures when dealing with cross-border complaints – a practice observed in 83% of received cases.
According to statistics from May 2018 to late 2022, 64% of the 159 enforcement measures in these cases were reprimands, suggesting that enforcement against big technology corporations remains largely constricted. The European Data Protection Board’s register of decisions at the EU level indicates that 49 compliance orders have been issued over a four and a half year span.
Source: Majority of data watchdog’s GDPR decisions since 2018 overruled, report finds