Irish Data Protection Commissioner Helen Dixon on GDPR Enforcement One Year In

The first year of the much-anticipated GDPR has brought tepid enforcement, with the highest-profile regulator – Ireland – still working on dozens of large-scale investigations. The Anti-Corruption Report spoke with Irish Data Protection Commissioner Helen Dixon about the timeline of investigations, her enforcement approach, lessons she has learned and why the €50‑million fine against Google was levied in France and not Ireland. We also share insights from U.K. and Austrian regulators who spoke at the recent IAPP Global Privacy Summit conference on the roles of their agencies. In a companion article, we will discuss Dixon’s experiences so far with breach notification, her insight on private rights of action, her agency’s examination of the role of the data protection officer and her advice for the U.S. Congress as it considers implementing a federal privacy law. See “Analyzing Early GDPR Enforcement”: Portugal and Germany (Feb. 6, 2019); U.K. and Austria (Feb. 20, 2019); and France (Mar. 6, 2019).

To read the full article

Continue reading your article with an ACR subscription.