European Parliament expresses concerns over lack of GDPR enforcement

The European Parliament has adopted a resolution on the Commission evaluation on the implementation of the General Data Protection Regulation (GDPR) two years after its application. This resolution concludes that, two years after its entry into application, the GDPR has been an overall success, and agrees with the Commission that it is not necessary at this stage to update or review the legislation. However, Members of the European Parliament (MEPs) also expressed concerns about the uneven and sometimes non-existent enforcement of the GDPR by national DPAs more than two years after the start of its application, and therefore regrets that the enforcement situation has not substantially improved compared to the situation before the GDPR. The resolution specifically refers to the case of the Irish data protection authority, noting it has generally closed most cases with a settlement instead of a sanction and that cases referred to Ireland in 2018 have not even reached the stage of a draft decision.