European Union: European Commission issues proposal for General Data Protection Regulation including the establishment of Supervisory Authorities

On 25 January 2012, the European Commission published its proposal for the General Data Protection Regulation (GDPR). The Supervisory Authorities (SAs) would be established under the General Data Protection Regulation (GDPR) to monitor and enforce compliance with data protection laws in each EU Member State. These authorities would operate independently, without influence from government bodies or private entities, and their appointment, qualifications, and terms of office would be regulated. Their jurisdiction would extend to data processing activities within their respective Member States, and they would be vested with investigative and corrective powers, including the ability to conduct audits, issue fines, and enforce GDPR rules. The SA would be required to prepare an annual activity report, which may include a list of notified infringements and measures taken under Article 58(2), and would transmit these reports to the national parliament, government, and designated authorities, while also making them available to the public, the Commission, and the Board.