Selbstregulierung Informationswirtschaft e.V.
SRIW
Der gemeinnützige Verein SELBSTREGULIERUNG INFORMATIONSWIRTSCHAFT e.V.
ID: 618569919406-26
Lobbying Activity
Response to Report on the application of the General Data Protection Regulation
8 Feb 2024
Selbstregulierung Informationswirtschaft e.V. - non-for profit - appreciates the opportunity to provide feedback to the European Commission's Call for Evidence related to the Commission's "Report on the General Data Protection Regulation". Please, find our responses and comments attached.
Read full responseResponse to Further specifying procedural rules relating to the enforcement of the General Data Protection Regulation
24 Mar 2023
Please, find the detailed joint-feedback as attachment. Following the key messages: 1 Key Messages 1.1 It is strongly recommended to extend the understanding of enforcement by integrating complementing tools, such as Codes of Conduct, into the evaluation by the European Commission. Codes of Conduct strongly support harmonization across Europe, by allowing for particularizing ambiguous interpretations in sector-specific manners. The enforcement of Codes of Conduct complements the public actions via data protection supervisory authorities and may significantly increase GDPR compliant yet practical implementations. Compulsory oversight by independent Monitoring Bodies allows for additional robust enforcement. Required continuous communication between Monitoring Bodies and data protection supervisory authorities may establish exchange of first-hand experiences, fostering consistent, robust yet practical application of the law. 1.2 It is strongly recommended to review the procedural requirements in receiving a Code of Conducts approval and a Monitoring Bodys accreditation. Generally, the legal framework and EDPBs guidelines are considered suitable, if applied consistently. Specifically for transnational Codes of Conduct, harmonized interpretation is appreciated, because projects suffer delays, e.g., by means of consistently and mutually determining the competent data protection supervisory authorities. Periods as indicated by GDPR are not yet met in practice. So, it is recommended to adapt such periods to more realistic timelines and to clarify that in case data protection supervisory authorities cannot unanimously determine undisputable conflicts with GDPR, Codes of Conduct shall be deemed in accordance with GDPR. It is recommended to limit deviations in regards of the accreditation criteria for Monitoring Bodies to the minimum needed, e.g., by different administrative member state laws. Any material deviation creates unnecessary obstacles to Monitoring Bodies, which seek to provide their services in several member states, limiting the scalability of their services, which is a key element in ensuring that adherence to Codes of Conduct remains accessible to micro, small and medium sized enterprises. 1.3 In regards of third country transfers, a general validity by implementing act is required. It is strongly recommended to ensure that procedural efforts will be streamlined preventing any unreasonable delays in operationalizing such projects. Safeguarding third country transfers is one of the key elements subject to legal, political and operational discussions. Codes of Conduct may act as a safeguard provide that, next to the formalities to be met for transnational Codes of Conduct in any case, general validity will be granted. Considering the procedural steps of deciding on an implementing act, it is strongly recommended to allow for a material assessment by the European Commission and the EDPB in parallel.
Read full responseResponse to Report on the application of the General Data Protection Regulation
29 Apr 2020
SRIW & SCOPE Europe welcome the opportunity to provide comments for the upcoming European Commission report on the application of GDPR.
About SRIW e.V. & SCOPE Europe sprl:
Self-Regulation Information Economy (German: Selbstregulierung Informationswirtschaft e.V. – short: SRIW) is a Berlin-based non-profit-organization that fosters and promotes data and consumer protection through self- and co-regulation. SRIW is also a monitoring body for data protection codes of conduct in Germany since 2011 and, yet, has successfully implemented and enforced two codes of conduct in the field of data protection. It further serves as a platform for the development, implementation, enforcement, and evaluation of various codes of conduct. SRIW has also actively contributed to the work of the Community of Practice for better self- and co-regulation during its mandate.
SCOPE Europe sprl / bvba (SCOPE Europe) is a subsidiary of SRIW. Located in Brussels, it aims to continue and complement the portfolio of SRIW in Europe and strives to become an accredited monitoring body under the European General Data Protection Regulation, pursu-ant to Article 41 GDPR. SCOPE Europe gathered expertise in levelling industry and data subject needs and interests to credible but also rigorous provisions and controls. SCOPE Europe also acts as monitoring body for the EU Data Protection Code of Conduct for Cloud Service Providers and is engaged in other GDPR code of conduct initiatives.
Read full responseMeeting with Michael Hager (Digital Economy)
23 Jun 2016 · DSM