• Courses
      • Global Series of National Privacy Laws
      • Netherlands Privacy Academy (in Dutch)
      • Caribbean Privacy Academy (in Dutch)
    • Resources
    • Join GADPPRO ACADEMY
      • Join GADPPRO Academy as an Official Partner
      • Become an Official GADPPRO Training Entity
      • Join the GADPPRO Business Academy
      • Secretariat & International Training Centre
      • Contact Us
    •  
      • RegisterLog in
    Privacad GADPPRO Academy
      • Courses
        • Global Series of National Privacy Laws
        • Netherlands Privacy Academy (in Dutch)
        • Caribbean Privacy Academy (in Dutch)
      • Resources
      • Join GADPPRO ACADEMY
        • Join GADPPRO Academy as an Official Partner
        • Become an Official GADPPRO Training Entity
        • Join the GADPPRO Business Academy
        • Secretariat & International Training Centre
        • Contact Us
      •  
        • RegisterLog in

      Blog

      Guidelines 9/2020 on relevant and reasoned objection under Regulation 2016/679

      • Categories Blog, Business, Design / Branding, Free Data Protection Resources, Uncategorized
      • Date November 29, 2020

      Guidelines 9/2020 on relevant and reasoned objection under Regulation 2016/679

      SECTION 2  «RELEVANT AND REASONED» OBJECTION

      5. Article 4(24) GDPR defines “relevant and reasoned objection” as an objection to a draft decision as to whether there is an infringement of this Regulation, or whether envisaged action in relation to thecontroller or processor complies with this Regulation, which clearly demonstrates the significance of the risks posed by the draft decision as regards the fundamental rights and freedoms of data subjects and, where applicable, the free flow of personal data within the Union”.

      6. This concept serves as a threshold in situations where CSAs aim to object to a (revised) draft decision to be adopted by the LSA under Article 60 GDPR. As the unfamiliarity surrounding “what constitutes relevant and reasoned objection” has the potential to create misunderstandings and inconsistent applications by the supervisory authorities, the EU legislator suggested that the EDPB should issue guidelines on this concept(end of Recital 124 GDPR).

      7. An objection submitted by a CSA should indicate each part of the draft decision that is considered deficient, erroneous or lacking some necessary elements, either by referring to specific articles/paragraphs or by other clear indication, and showing why such issues are to be deemed “relevant” as further explained below. Therefore, the objection aims, first of all, at pointing out how and why according to the CSA the draft decision does not appropriately address the situation of infringement of the GDPR and/or does not envision appropriate action towards the controller orprocessor. The proposals for amendments put forward by the objection should aim to remedy these errors.

      8. Indeed, the degree of detail of the objection and the depth of the analysis included therein may be affected by the degree of detail in the content of the draft decision and by the degree of involvement of the CSA in the process leading to the draft decision issued by the LSA. Therefore, the standard of “relevant and reasoned objection” is grounded on the assumption that the LSA’s obligation to exchange all relevant information is complied with, allowing the CSA(s) to have an in-depth understanding of the case and therefore to submit a solid and well-reasoned objection. To this end, the need for each legally binding measure of SAs to “give the reasons for the measure” (see Recital 129 GDPR) should also be kept in mind. The degree of involvement of the CSA in the process leading to the draft decision, if it leads to an insufficient knowledge of all the aspects of the case, can therefore be considered as an element to determine the degree of detail of the relevant and reasoned objection in a more flexible way.

      9. The EDPB would first like to emphasise that the focus of all SAs involved should be on eliminating any deficiencies in the consensus-building process in such a way that a consensual draft decision is the result. Whilst acknowledging that raising an objection is not the most preferable tool to remedy an insufficient degree of cooperation in the preceding stages of the OSS proceeding, the EDPB nevertheless acknowledges that it is an option open to CSAs. This would be a last resort to also remedy (alleged) deficiencies in terms of their involvement by the LSA in the process that should have led to a consensus-based draft decision, including as regards the legal reasoning and the scope of the investigations carried out by the LSA in respect of the case at hand.

      10. The GDPR requires the CSA to justify its position on the draft decision by submitting an objection that is “relevant” and “reasoned”. It is crucial to bear in mind that the two requirements, “reasoned” and “relevant”, are to be deemed cumulative, i.e. both of them have to be met. Consequently, Article 60 (4) requires the LSA to submit the matter to the EDPB consistency mechanism when it is of the opinion that the objection does not meet at least one of the two elements.

      11. The EDPB strongly advises the SAs to raise their objections and exchange information through the information and communication system set up for the exchange of information among SAs. They should be clearly marked as such by using the specific dedicated functions and tools.

      • Share:
      author avatar
      Richard V

      Previous post

      Guidelines 9/2020 on relevant and reasoned objection under Regulation 2016/679
      November 29, 2020

      Next post

      Guidelines 9/2020 on relevant and reasoned objection under Regulation 2016/679
      November 29, 2020

      You may also like

      Children Safety Encryption www.privacad.com
      Apple’s New Step to Protect Child Abuse via Encryption Feature
      20 August, 2021
      DNA Technology and Privacy www.privacad.com
      DNA Technology Regulation Bill and Violation of Privacy for Minority Groups
      19 August, 2021
      www.privacad.com
      India accuses Twitter of not complying with new IT rules
      18 August, 2021

      Search

      Categories

      • Blog
      • Business
      • Design / Branding
      • Free Data Protection Resources
      • Nederlandse Privacy Academie
      • Uncategorized
      Facebook-f Linkedin-in

      © Privacad 2020

      For all your questions about courses

      students@privacad.com

      For all your questions about Privacad for business

      info@privacad.com

      Links

      • Courses
      • Become a GADPPRO Academy Official Training Entity
      • Resources
      • Free Data Protection Resources
      • Blog
      • Profile
      • Students Stewards Network (SSN)

      Support

      • Privacy Policy
      • Terms of Use
      • FAQs
      • Contact

      © GADPPRO Academy | Privacad 2022

      GADPPRO Academy 2022

      Login with your site account

      Lost your password?

      Not a member yet? Register now

      Register a new account

      Are you a member? Login now