Germany: Conference of Independent Data Protection Supervisory Authorities of the Federal and State Governments adopted guidelines for procedures on imposing fines by the data protection supervisory authorities under GDPR

On 16 June 2025, the Conference of Independent Data Protection Supervisory Authorities of the Federal and State Governments (DSK) adopted the model guidelines for procedures on imposing fines by the data protection supervisory authorities (MRiDaVG), establishing standardised rules for conducting administrative fine proceedings under the General Data Protection Regulation (GDPR). The Guidelines define procedural principles, including the primacy of EU law, equivalence, and effectiveness, outline the handling of cases involving legal entities under the principle of direct corporate liability, specify the separation of fine procedures from administrative actions, address cross-border cooperation under Articles 60 and 65 GDPR, and regulate evidence collection, public disclosures, and coordination with prosecutorial authorities. The MRiDaVG ensures uniform application of GDPR enforcement measures across German data protection authorities.