THE SANCTIONING REGIME PROVIDED BY REGULATION (EU) 2016/679 ON THE PROTECTION OF PERSONAL DATA

Abstract

In the public space and in the debates among professionals, the new general data protection regulation, which is to be applied from May 25th, 2018, is debated more and more conjunctively with the news brought by this European Union legislative act, but especially regarding the new sanctioning regime. We analyze the questions that arise concerning the violations to be sanctioned, the classification of sanctions and their amount, the deliberate nature of the violation, and the effective procedural safeguards, in accordance with the general principles of European Union law and the CFSP. During the analysis, we identify answers to these questions and, last but not least, underline the competence of the Member States as well as the role of the national supervisory authorities regarding the sanctioning regime provided for by the Regulation.