The Data Protection Commission (DPC), the major privacy watchdog overseeing Big Tech in the European Union (EU), is set to receive two new commissioners. The Irish government has recently posted job advertisements for the positions, aiming to strengthen the DPC’s capabilities in enforcing the EU’s data protection framework, including the General Data Protection Regulation (GDPR).
Key Takeaway
The Data Protection Commission (DPC) in Ireland, a major privacy watchdog in the EU, is recruiting two new commissioners to strengthen its capabilities in overseeing Big Tech’s compliance with the General Data Protection Regulation. The new commissioners will join the existing commissioner, Helen Dixon, who will become the chair. The DPC has a crucial role in enforcing GDPR and has faced criticism for its approach to regulating tech giants. The appointments of the new commissioners will bring fresh perspectives and potential reforms to the DPC’s operations.
New Leadership Structure
Under the new leadership structure, the two new commissioners will join the current commissioner, Helen Dixon, who will become the chair. However, Dixon’s term is set to expire next year, prompting a complete leadership reboot at the DPC.
The Irish government approved the change of structure in July 2022, responding to calls to enhance the capabilities of the DPC, given its massive case load and the increasing importance of overseeing tech giants’ compliance with GDPR.
Key Role in GDPR Enforcement
The DPC plays a crucial role in the enforcement of GDPR across Europe. Many large tech companies, including Apple, Google, Meta, TikTok, and Twitter, choose to locate their European headquarters in Ireland, making the DPC their lead supervisory authority within the European Economic Area.
Notably, AI giant OpenAI has recently opened an office in Dublin, indicating its intention to establish “main establishment” status in Ireland. If successful, the DPC would become OpenAI’s lead regulator for GDPR compliance as well.
Qualifications and Application Process
Candidates applying for the commissioner roles must possess a comprehensive understanding of relevant legal systems and frameworks, including national and EU data protection law, human rights law, law enforcement procedures, and administrative law. Knowledge and understanding of ICT and data processing methods are also required.
The closing date for applications is October 19, with the Irish Top Level Appointments Committee (TLAC) responsible for making the appointments.
Criticism and Reforms
The DPC has faced criticism for its approach to GDPR enforcement on Big Tech. Privacy experts have accused the regulator of not properly interrogating platform power and its impact on EU citizens’ rights. The DPC’s draft decisions on high-profile probes have frequently faced review and push-back from peer authorities and the European Data Protection Board.
Privacy rights groups, such as noyb, have argued that the DPC’s penalties on tech giants have been too lenient. The Irish Civil Liberties Board (ICCL) has also sued the DPC for inaction on a complaint against Google’s adtech.
Responding to the appointment of the new commissioners, the ICCL has expressed its satisfaction but called for further reforms and an independent review to strengthen and reform the DPC.