pondělí 2. října 2017

Some EU DPAs increasingly desperate for GDPR resourcing

Some EU DPAs increasingly desperate for GDPR resourcing
Autor textu: David Meyer
Text najdete na portálu Iapp.org
na adrese: http://tinyurl.com/y9wab2d2
Autor se zamýšlí nad problematikou finančního rozpočtu pro pokrytí potřeb aplikace GDPR. Probírá vybrané země a charakterizuje aktuální stav - včetně ČR. U nás se zatím toto téma, které se může stát brzo kritickým, na webu moc neobjevuje.
Cituji vybrané části textu: "Earlier this month, DPAs in both the U.K. and the Netherlands went public with their pleas for more funding and staff. And, as The Privacy Advisor has discovered, they're not the only ones looking nervously at the GDPR's ticking clock."
"Indeed, regulators in Bulgaria, Poland and Portugal have all expressed serious fears over their resourcing. Those in France, Finland, Sweden and the Czech Republic have also called for funding increases and are waiting on their respective national legislatures to confirm that they'll be getting what they need."
"However, as a result of the adoption of the GDPR, there are a number of urgent priorities that require significant financial and human resources, such as trainings of data controllers and processors, especially [data protection officers], as well as information and awareness campaigns for citizens," Angelov said. "In this context, according to our estimates, the implementation of the new legal framework will require staff and budget increase of around 25 to 30 percent of the existing employees and funds."
"We do not know yet if we will be provided with more financial means," said Marine de Baillenx, a communications officer at the regulator. "On the one hand, we face growth in our activity — double-digit growth — meaning that we have more complaints, and we have more processors coming to us and asking for advice. For all these activities we have double-digit growth, but on the other hand, we don't have double-digit growth for resources."
"In the Czech Republic, government ministries are currently discussing a GDPR-related amendment to the country's Data Protection Act. "Consequently, it is too early to talk about sufficiency or insufficiency of resources available for our DPA in the light of GDPR implementation in 2018," said Vojtěch Marcín, a spokesperson for the Office for Personal Data Protection." 
Cituji ze závěru: "Nobody knows exactly what workload we will have under the GDPR," Peep said. "We can temporarily reduce our proactive work and will have knowledge-based staff and budget calculation after the GDPR introduction."