Data protection boss Dixon rejects criticism over enforcement

Irish regulator to issue final ruling on US data transfers concerning Meta by May 12th

Irish Data Protection Commissioner Helen Dixon, big tech’s top privacy watchdog in the European Union, took aim at critics who blame her office for taking far too long to issue rulings against Silicon Valley firms.

“Some of the people that comment on speed understand very little about the process of conducting an investigation, the complexity of finding the facts, the implementation of fair procedures in the process,” Dixon said in a panel at the Bloomberg New Economy Gateway Europe event in Co Wicklow.

The EU’s General Data Protection Regulation, which took effect in 2018, empowers EU data regulators to levy penalties of as much as 4 per cent of a company’s annual revenue for the most serious violations. Tensions built up quickly, as the Irish watchdog was transformed overnight into the leading EU supervisor for global tech companies with a base in the nation, such as Apple and Facebook owner Meta Platforms.

“These things do take time to do properly,” Dixon said. “And if anyone has read the 200-page decisions ultimately that the office produces to ground the kind of enforcement measures we’re implementing, they will understand a little bit about the detail.”


Dixon also signalled progress in a long-running saga over the validity of transatlantic data transfers over fears of EU data being accessed by US spies. She said her office would issue its final ruling in an investigation into the matter concerning Facebook by May 12th.

Meta could face an imminent data flow ban in that order on the use of EU-US data transfers under so-called standard contractual clauses.

It’s unclear what such an order would mean in practice for Meta and possibly thousands of other firms that depend on similar data flows. That’s because it will come just a few months before a new EU-US data pact comes into force, potentially ending the legal limbo. – Bloomberg