Module 11 - Supervision and Enforcement Flashcards

1
Q

What is the role of a data protection authority?

A
  • Promote and enforce GDPR.
  • Promote awareness.
  • Conduct investigations.
  • Protect human rights.
2
Q

What three categories of power do DPAs have?

A
  • Advisory.
  • Investigatory.
  • Corrective.

MS may also grant additional (local) powers to their DPAs.

3
Q

Which DPA is competent to regulate a controller or processor?

A
  • Single establishment: DPA in MS of establishment.
  • Multiple establishments: DPA in place of MAIN establishment as LEAD DPA, UNLESS decisions affect DS elsewhere, in which case a CONCERNED DPA may become the LEAD DPA.
4
Q

What four governance mechanisms regulate collective DPA interactions?

A
  • Cooperation (e.g. amongst lead and concerned DPAs).
  • Mutual assistance.
  • Joint operations.
  • Consistency mechanisms (e.g. EC/EDPB promoting consistent application of GDPR).
5
Q

Who staffs the European Data Protection Board?

A
  • Chair.
  • 1 representative from the EC.
  • 1 representative from each EU MS DPA.
  • 1 non-voting representative from each EEA MS.

Note: the EDPB is, hence, independent of all MS.

6
Q

What are the EDPB’s key functions?

A
  • Ensuring consistent application of GDPR.
  • Issuing guidance.
  • Resolving disputes amongst DPAs.
7
Q

What is the role of the European Data Protection Supervisor?

A
  • Supervision and enforcement of GDPR against EU institutions.
  • Secretariat of EDPB.
8
Q

What sanctions apply for contravention of GDPR?

A
  • Greater of EUR 20MM or 4% worldwide turnover for breaches of DS rights, transfer obligations, processing principles, DPA orders or MS law.
  • Greater of EUR 10MM or 2% worldwide turnover for other breaches.