Nicholas Vinocur reports:
Last May, Europe imposed new data privacy guidelines that carry the hopes of hundreds of millions of people around the world — including in the United States — to rein in abuses by big tech companies.
Almost a year later, it’s apparent that the new rules have a significant loophole: The designated lead regulator — the tiny nation of Ireland — has yet to bring an enforcement action against a big tech firm.
Read more on Politico. As Vinocur subsequently acknowledges, the Irish DPC, Helen Dixon, has numerous investigations that have been launched. In her keynote speech at the recent International Privacy & Security Forum, she outlined some of the growth and challenges her office has faced over the past 5 years, and it seemed clear to me that they continue to need to take on more staff to handle the increased demands and challenges. And in a brief conversation I had with her the next day, I got the distinct impression that Ms Dixon is very much committed to data protection and is looking for input from professionals who have already grappled with certain issues and pitfalls. That she actively sought the input and consultations from privacy advocates and not just big tech representatives at the conference is to her credit.
I don’t know when the DPC will issue its first big fine, but I do think it’s coming — especially if the DPC and her staff spend more time getting input from privacy professionals and privacy advocates.