Privacy Czar Bemoans ‘Clunky’ EU Law Thwarting Big Tech Probes

Stephanie Bodoni
·2 min read

(Bloomberg) -- The data watchdog panned for dragging her feet on probes into Tech Giants such as Meta Platforms Inc. blamed “clunky” European Union procedures for wasting energy, time and money in the race to defend citizens’ privacy.

Most Read from Bloomberg

Helen Dixon, who’s about to quit her post as Ireland’s data protection commissioner, has forced firms to cough up about €2.8 billion ($3.1 billion) for violating the EU’s landmark General Data Protection Regulation.

Overnight, GDPR put regulators in Ireland and Luxembourg — where many companies have their EU base — in pole position with powers to dole out fines as high as 4% of annual sales.

But Dixon, said it was made way more tortuous than it could have been due to features of the EU’s final agreement on the legislation, which took effect in 2018 to great fanfare.

“It’s extremely difficult,” Dixon, who steps down next month after leading Ireland’s Data Protection Commission for the past decade, said in an interview at her Dublin office.

Hardwired into the EU law, still seen as the world’s toughest privacy rulebook, is a system of cooperation with other watchdogs across the 27-nation bloc. That meant before Dixon could lay a glove on the big tech firms under her watch, other watchdogs could often weigh in.

While “cooperation is working well,” it’s “a clunky form of cooperation that is leading to a lot of different avenues of legal challenge,” Dixon said. “In fact, an awful lot of energy, time and litigation resources are going in sorting out issues that arise” because of the law.

Read More: Silicon Valley’s Top EU Data Enforcer Rejects Snipes Over Speed

“The biggest surprise was that political and economic compromise that was made in terms of the form of the one-stop-shop,” said Dixon, referring to the deal on a key part of the rules supposed to put most oversight powers in the hands of a single data authority close to where companies are based.

The version “got inserted at the 11th hour,” she said, and hadn’t previously been “on the horizon.”

She said “things could have been smoother without the last-minute political changes” and “would have resulted in much more cases being handled, that would have then gone into courts, which would have held them up or not. And we’d be moving on much faster.”

Dixon said that in private she’s also had a lot of praise and gained a lot of respect from peers, and played down reports of clashes with them.

Last year, she levied the biggest GDPR fine yet, when she slapped Meta with a record €1.2 billion bill and gave the firm a deadline to stop shipping users’ data to the US.

Most Read from Bloomberg Businessweek

©2024 Bloomberg L.P.