European Union: Adopted EDPB Rules of Procedure on the Data Protection Framework redress mechanism for national security purposes

On 17 April 2024, the European Data Protection Board (EDPB) adopted the Rules of Procedure on the cooperation and respective roles of national Supervisory Authorities (SAs) and the EDPB Secretariat regarding the submission of complaints in the redress mechanism available to individuals established in the European Union in relation to alleged violations of US law with respect to their data collected by US authorities competent for national security. The Rule aims to facilitate the submission and processing of complaints concerning alleged violations of US law in relation to personal data collected by US authorities for national security purposes. The Rules specify the verification, processing, and transmission procedures for complaints. The SAs are tasked with verifying complainants' identities and the completeness of complaints, translating necessary documents, and communicating with complainants regarding the status of their complaints and any appeals. The EDPB Secretariat's role includes verifying the competence of SAs, ensuring the use of the EU Common Complaint Form, and serving as the communication channel between SAs and US authorities.