IAF Policy Call on GDPR Collective Action by NGOs

Global data flows have always been a key issue for the IAF, and Schrems II has been a cause for additional reflection. Schrems II also raises consideration of what risk analysis should mean. First, is the risk to fundamental rights and freedoms that a European resident will be subject to any government’s bulk requests for data. Even, if that risk is low, the data protection professional then must determine the risk that a tribunal will disagree with the team’s risk assessment. Tribunal risk has increased due to Article 79 of the GDPR which allows an individual to take a case directly to court. In addition, Article 80 allows representative actions (i.e. an individual has the right to require a public interest not-for-profit active in the field of data protection to lodge the complaint on his or her behalf). Thus, the risk is no longer one solely of agency investigation but also is one of the likelihood of NGO actions. Stewart Room, a partner and Head of Data Protection and Cyber Security at DWF Law LLP, first raised this risk of collective action with the IAF team just after the GDPR was enacted. As the IAF team explores the risk of “collective action,” it invites you to join it September 14 for a discussion with Stewart and at least one additional expert on GDPR Articles 77 through 80.

Please join the call on Monday, September 14 at the time specific to your area.

You can join by clicking on the “Join Microsoft Teams Meeting” link below or by using the dial in number provided.

________________________________________________________________________________

Join Microsoft Teams Meeting

+1 501-483-0913   United States, Little Rock (Toll)

Conference ID: 974 905 089#

Local numbers | Reset PIN | Learn more about Teams | Meeting options

________________________________________________________________________________