On 26 February 2019, the European Data Protection Board (EDPB) presented a Report to the Civil Liberties (LIBE) Committee of the European Parliament (EP) on the implementation of the General Data Protection Regulation (GDPR). The Report focuses on the roles and means of the national supervisory authorities, also known as Data Protection Authorities (DPAs).
The EDPB affirms in its Report that the majority of DPAs would need an increase of 30-50% in their budget in order to deal efficiently with the tasks they are required to perform. In some dramatic cases, the DPA claimed that an increase of their budget in 100% would be necessary. That said, the majority of DPAs saw an increase of their staff in the last years, while for eight of them there was no change, and one decreased in personnel.
The Report compiled information from 31 European Economic Area (EEA) countries and counted up to 206,326 cases handled by DPAs since the GDPR entered into force. Most of these relate to complaints, although it also includes other types of cases, such as data breach notifications. Approximately half of those complaints were closed at the time of publication of the Report, while 1% of them were being challenged before a national court. Out of those cases, DPAs in 11 EEA countries have imposed fines (based on Article 58.2 (i) GDPR) of up to 56 million Euro.
As a conclusion, the EDPB expressed their positive impact of the GDPR and the proper functioning of the mechanisms and institutions foreseen in the Regulation.
Read their full report here: https://edpb.europa.eu/sites/edpb/files/files/file1/19_2019_edpb_written_report_to_libe_en.pdf