European Union: Issued Proposal for a Regulation laying down additional procedural rules relating to the enforcement of GDPR in cross-border cases

On 4 July 2023, the European Commission published a proposal for a new regulation outlining concrete procedural rules for data protection authorities when applying the GDPR in cross-border cases. The regulation aims to harmonise rules for the handling of complaints and conducting investigations for the timely completion of investigations and the delivery of swift remedies for individuals. In particular, the proposed regulation harmonises the requirements for a cross-border complaint to be admissible and establishes common rights for complainants. The proposed regulation also outlines the rights of data controllers and processors under investigation such as the right to be heard at key stages in the procedure and the right to access the administrative file. Further, the proposal regulates cross-border cooperation between data protection authorities and provides detailed rules to facilitate the dispute resolution mechanism under Article 65 of the GDPR.