The European Union (EU) Commission decided to refer both Greece and Spain to the EU Court for not transposing the Data Protection Law Enforcement Directive, Directive (EU) 2016/680 into national law.
On 25 July, the European Commission called upon the Court of the European Union to punish Greece with a penalty of €5,287.50 for each day between 6 May 2018, the deadline of transposition which it failed to meet, and either the day when the country achieves compliance or when the Court issues its first judgment under Article 260(3) TFEU. This punishment schedule will produce a minimum lump sum of €1,310,000. If it still hasn’t achieved compliance by this stage, Greece will incur a daily penalty of €22,169.70 beginning on the day of the first judgment and ending when it’s either achieved compliance or when it receives a second Court judgment.
The fines will be even higher for Spain. Leading up to when Spain achieves compliance or when the Court hands down its first judgment, the country will face a daily penalty of €21,321 stretching back to the transposition deadline. This punishment will amount to a lump sum of at least €5,290,000. If still non-compliant, Spain will face a daily penalty payment €89,548.20 from the day of the first judgment until it achieves compliance or until the Court hands out a second judgment.
These penalties all reflect the fact that neither Greece nor Spain have notified the Commission of their adoption of national measures designed to transpose the Data Protection Law Enforcement Directive, Directive (EU) 2016/680. The European Commission sees this failure to transpose the law as a problem, for it creates different levels of data protection among and hampers data exchanges between EU member states. As the Commission explains in a press release:
The protection (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/greece-spain-to-be-fined-for-not-transposing-eu-data-protection-law/