CIPL Responds to Irish DPC Consultation on Draft Regulatory Strategy
Time 2 Minute Read
Categories: Centre for Information Policy Leadership, European Union, International

On June 30, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted its comments on the Irish Data Protection Commissioner’s (“DPC”) consultation on its Draft Regulatory Strategy for 2021-2026, in which the DPC sets out its vision for the next five years.

CIPL’s contribution calls for:

  • Further elaboration on how the DPC considers effective regulation and behavioral economics in its strategic thinking;
  • More explicit acknowledgment of the GDPR’s risk-based approach in implementation and enforcement;
  • References to the importance of a regulatory approach that is evidence-based and results-focused;
  • Clarification that all of the “Strategic Goals” are equally important and inter-dependent;
  • Consideration of the need for consistency with other applicable regulatory regimes, and the need to establish liaison relationships with other national regulators;
  • Inclusion of a reference to settlements and how they may be used, as well as case studies;
  • Further information on the DPC’s plans to seek clarification and consistency on procedures under the One-Stop-Shop mechanism;
  • Additional details on how the DPC proposes to take a strategic overall approach to enforcement that is not systematically driven by individual complaints; and
  • Adoption of guidance on the fines structure and aggravating and mitigating factors to be taken into account, including rewarding organizations that invest in privacy programs and go beyond legal requirements.
Tags: Data Protection Authority, GDPR, Ireland, Risk-Based Approach
Print Email Twitter/X Linkedin Facebook

You May Also Be Interested In

Time 2 Minute Read
Data Protection Authorities Globally Highlight Privacy Issues in AI Image Generation

On February 23, 2026, a Joint Statement on AI-Generated Imagery was published by 61 data protection authorities. The Joint Statement addresses concerns regarding AI systems capable of generating realistic images and videos depicting identifiable individuals without their knowledge or consent.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 5 Minute Read
EU Digital Omnibus Introduces a Single Reporting Point for Cybersecurity Incidents

On November 19, 2025, the European Commission unveiled the much-anticipated digital omnibus legislative package (the “Digital Omnibus”), setting the stage for a new era of digital governance and regulatory simplification across the European Union. According to the Commission, this initiative is designed to enable European businesses to devote more energy to innovation and growth, rather than navigating complex compliance landscapes.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 2 Minute Read
Council of the European Union Adopts New Rules to Boost Cross-Border GDPR Enforcement

On November 17, 2025, the Council of the European Union adopted new rules designed to strengthen cooperation among national data protection authorities, enhancing the enforcement of the EU General Data Protection Regulation.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 3 Minute Read
EPDB Adopts Opinion on Brazil Adequacy Decision

On November 4, 2025, the European Data Protection Board adopted its opinion on the European Commission’s draft decision regarding the adequacy of Brazil’s personal data protection framework. Once finalized, this decision will enable the free flow of personal data from the European Union to Brazil.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook

Search

Subscribe Arrow

Recent Posts

Categories

Tags

Archives

Jump to Page