European Union: General Data Protection Regulation (Regulation (EU) 2016/679) including the establishment of Supervisory Authorities enters into force

On 25 May 2018, the General Data Protection Regulation (GDPR) enters into force. The Supervisory Authorities (SAs) have been established under the General Data Protection Regulation (GDPR) in order to monitor and enforce compliance with data protection laws in each EU Member State. These authorities operate independently, without influence from government bodies or private entities, and their appointment, qualifications, and terms of office are regulated. The jurisdiction of these authorities extends to data processing activities within their respective Member States, and they are vested with investigative and corrective powers, including the ability to conduct audits, issue fines, and enforce GDPR rules. The SA must prepare an annual activity report, which may include a list of notified infringements and measures taken under Article 58(2), and transmit these reports to the national parliament, government, and designated authorities, while also making them available to the public, the Commission, and the Board.