EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Data privacy progress, enforcement and Brexit

Dubhe Sarmiento Félix and Steve Wright
Additional contact information
Dubhe Sarmiento Félix: Privacy Lawyer, CIPP/E and CIPM, Mexico
Steve Wright: PrivacyCulture, UK

Journal of Data Protection & Privacy, 2020, vol. 3, issue 4, 427-436

Abstract: This paper discusses how, in the second year of the General Data Protection Regulation (GDPR), there has been outstanding progress in public awareness regarding data privacy, an increase in corporate accountability and awareness at all levels of organisations, a cultural shift in businesses regarding the use of data and international influence of the Regulation. It stipulates how there has also been progress in GDPR enforcement as Data Protection Authorities (DPAs) have been more active, imposing warnings, administrative fines and processing limitations but it has been inconsistent, as decisions have varied in terms of rigour and quality across the EU (European Union). This has been particularly so due to its conflicting interpretations, the lack of cooperation between DPAs, the extent of the efficiency of the one-stop shop mechanism, among other motives. The paper discusses the lack of clarity on enforcement rules and trends has left businesses in a vulnerable position. Also, Brexit and the Schrems II judgment have left individuals and businesses in a vulnerable position. First, individuals might have to exercise their rights in multiple jurisdictions, and businesses might face double fines for the same violations. Secondly, regarding data transfers between the EU and the UK, if an adequate decision is not reached, businesses will have to rely on other safeguard mechanisms for data transfer, such as the standard contractual clauses (SCCs). The reliance on SCCs, however, is now questionable and uncertain in light of the Schrems II decision. The paper analyses how the use of SCCs will imply additional burdens for data controllers and their valid implementation will depend on the approaches that DPAs and other EU authorities take.

Keywords: privacy; data protection; GDPR; enforcement; Brexit; data protection authorities; one-stop shop mechanism; standard contractual clauses; Schrems II (search for similar items in EconPapers)
JEL-codes: K2 (search for similar items in EconPapers)
Date: 2020
References: Add references at CitEc
Citations:

Downloads: (external link)
https://hstalks.com/article/5885/download/ (application/pdf)
https://hstalks.com/article/5885/ (text/html)
Requires a paid subscription for full access.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:aza:jdpp00:y:2020:v:3:i:4:p:427-436

Access Statistics for this article

More articles in Journal of Data Protection & Privacy from Henry Stewart Publications
Bibliographic data for series maintained by Henry Stewart Talks ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:aza:jdpp00:y:2020:v:3:i:4:p:427-436