Data Protection Authority

This article concerns a major concept that exist in the English version of Wikipedia, which you can check here. You are reading an independent version by the ICANNWiki community.

A Data Protection Authority (DPA) is an independent public authority that supervises, through investigative and corrective powers, the application of data protection laws. It provides expert advice on data protection issues and handles complaints lodged against violations of the General Data Protection Regulation and relevant national laws. There is one in each EU Member State. For organizations, DPAs are the main contact point for questions on data protection in the EU Member State where they are based.[1]

Legislation & Guidance

In the EU:

  • Article 4(16), Chapter VI (Articles 51 to 59), and Recitals (117) to (123) of the [GDPR
  • EDPB Guidelines on Lead Supervisory Authority and Annex[2]

References