EDPB Introduces Complaint Template and Updates BCR-Cs Recommendations for Efficient Data Protection
In its latest plenary, the EDPB took a significant step towards making the handling of cross-border data protection complaints more efficient. They introduced a template complaint form that would be used by Data Protection Authorities (DPAs) on a voluntary basis. EDPB Chair, Anu Talus, highlighted that the template would aid in the seamless exchange of information between DPAs and help handle complaints more swiftly. This form can be used in any case, whether the complaint is lodged personally or by a third party.
Furthermore, the EDPB developed a template for acknowledging receipt of a complaint. It’s designed to provide general information about the next steps to the complainant and emphasizes their right to an effective judicial remedy against a legally binding DPA decision. This move is in line with the board’s commitment to increase transparency and ensure that individuals are well-informed about their complaint’s status and subsequent procedures.
The plenary also saw the adoption of a final version of the Recommendations on the application for approval and on the elements and principles for BCR-Cs. The updated recommendations aim to provide an updated standard application form for BCR-Cs approval, clarify their necessary content, and distinguish between what must be included in a BCR-C and what must be presented to the BCR lead DPA. The new recommendations are applicable to all BCR-C holders and applicants and are expected to bring their BCR-C in line with the requirements outlined in the recommendations by 2024.
These updates not only aim to streamline the process but also ensure the level playing field for BCR applicants. They also bring the existing guidelines in sync with the requirements of CJEU’s Schrems II ruling. The EDPB is also working on a second set of recommendations for BCR-processors (BCR-Ps), giving us something to look forward to.
