Council Approves Regulation to Streamline Cross-Border GDPR Complaints
The Council has approved a new regulation aimed at accelerating and harmonizing the handling of cross-border GDPR complaints by national data protection authorities. This reform addresses administrative complexities and seeks to deliver faster, clearer outcomes for both individuals and organizations involved in cross-border data protection disputes within the EU.
The regulation introduces uniform admissibility criteria, ensuring that complaints are evaluated by the same standards regardless of the EU member state where they are filed. It also establishes common procedural rights, granting complainants consistent opportunities to participate in proceedings, while companies under investigation receive guaranteed rights to be heard and to review preliminary findings before any decisions are made.
To reduce administrative burdens, the new rules implement a simplified cooperation procedure for straightforward cases, allowing authorities to bypass lengthy coordination processes. Strict deadlines have been set for investigations: most cross-border cases must be resolved within 15 months, with a possible extension of 12 months for more complex cases, while simpler cases must be concluded within 12 months.
Following the Council’s approval, which marks the final legislative step, the regulation will come into force 20 days after its publication in the EU’s Official Journal. It will become applicable 15 months after entering into force, providing a more efficient and consistent framework for handling cross-border data protection complaints under the GDPR.
