EU strikes deal to streamline cross-border GDPR enforcement
Europe is taking a significant step toward ensuring that your data protection rights are enforced more swiftly and consistently, no matter where you live or file a complaint in the EU.
The EU Council and European Parliament have reached a political agreement to strengthen cross-border enforcement of the General Data Protection Regulation (GDPR). The new regulation, once adopted, will simplify and speed up how national data protection authorities cooperate on cases involving data processing across EU borders.
That move seeks to protect citizens’ rights better and make enforcement more efficient. Key improvements include harmonising the criteria for assessing complaints, regardless of where in the EU they’re filed, and ensuring both complainants and companies under investigation are given the right to be heard throughout the process. The regulation introduces deadlines to avoid drawn-out investigations — 15 months for complex cases (with a possible 12-month extension) and 12 months for simpler ones.
The agreement also creates an ‘early resolution’ option to settle straightforward complaints without triggering lengthy cross-border procedures. It adds a simplified cooperation track for less contentious cases and encourages authorities to share key case information early to build consensus more quickly among EU partners.
The deal now awaits formal approval from both institutions. Once passed, the new rules will enter into force, marking a significant evolution in how the GDPR is enforced across Europe.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!