The European Data Protection Board (EDBP) is launching its 2023 CEF coordinated enforcement action, with 26 data protection authorities from the EEA, including the EDPS participating in it. Authorities will assess and ensure that Data Protection Officers maintain their essential position within organisations and have the necessary resources to meet requirements according to Articles 37-39 GDPR.
Data protection officers (DPOs) possess an integral role in making sure organizations abide by data protection law and safeguarding data subject rights. To assess if DPOs have the necessary status in their organization according to the GDPR stipulations and resources essential to fulfill their roles, DPAs will conduct this CEF project in multiple ways: surveying DPOs through surveys or forms to identify if formal investigation is necessary; the beginning of a formal investigation; and proceeding on-going formal investigations.
The individual DPAs will then consider potential additional national supervision or enforcement actions after analyzing all results jointly. In addition, aggregated outcomes shall give further insight into the matter and allow for targeted EU level follow-up activities. Eventually, the EDPB will publish a report taking into account the initiative’s overall outcome. This initiative marks the second installment within the Coordinated Enforcement Framework (CEF).