Keynote: ‘Non-Stop Discussion of the One-Stop Shop’
Published: April 2021
This LinkedIn Live is part of the IAPP Global Privacy Summit Online 2021 web series.
The one-stop-shop enforcement mechanism under the EU General Data Protection Regulation proved the last hurdle for adoption and has been under debate ever since. The first landmark enforcement decision under the GDPR further ignited the controversy. In this decision, France's data protection authority, the Commission nationale de l'informatique et des libertés, fined Google 50 million euros rather than referring the case to the Data Protection Commission in Ireland, where Google has its EU headquarters. On June 19, 2020, France’s highest administrative court confirmed the CNIL’s decision to fine Google but corrected the CNIL on how to rightfully apply the OSS.Panelists will visit the facts of this case, including why the CNIL did not apply the OSS and how the French High Court corrected the CNIL. More broadly, this discussion will consider the concerns and criticisms of the OSS and offer clarity as to when the OSS applies. Viewers will gain insight into how the supervisory authorities apply the OSS mechanism in practice, how they decide on priorities and potential improvements how to avoid bottlenecks in enforcement. Finally, learn what the OSS means for U.S.-headquartered companies, including what measures can be taken to reap benefits.
Mikko Niva, Group Privacy Officer, Head of Legal, Privacy, Security and Content Standard, Vodaphone; Member, IAPP Board of Directors
Lokke Moerel, Senior Of Counsel, Morrison & Foerster; Professor, Global ICT Law, Tilburg University
Helen Dixon, Commissioner, Data Protection Commission
Karolina Mojzesowicz, Deputy Head of Unit Data Protection, European Commission
Wojciech Wiewiórowski, European Data Protection Supervisor