To uphold fundamental rights, individuals must have access to remedies that are both effective in law and in practice.
This European Union Agency for Fundamental Rights (FRA) report presents the findings of a sociolegal research project on the main challenges and barriers that individuals encounter when seeking remedy after a data protection violation.
It supplements FRA’s previous research on the role of national data protection authorities (DPAs) in the fundamental rights landscape as well as FRA’s Opinion on the proposed EU data protection reform package.
To understand how data protection violations are remedied in practice, FRA interviewed key players involved in the remedial process: victims of the data protection violations, representatives of the DPAs, non‑governmental organisations (NGOs) and legal professionals.
This FRA report identifies factors hampering the effectiveness of existing remedy mechanisms. It highlights a persistent lack of knowledge about the protection of personal data. Individuals therefore do not understand what constitutes a data protection violation. When they are informed, they address their complaint to national DPAs, which are key players in the fundamental rights landscape in the European Union. These, however, often suffer from a lack of adequate resources and powers. FRA findings also show that judges and lawyers are not aware of data protection
rules. Too few are specialised in this area of law, rendering judicial enforcement of this fundamental right difficult. In the absence of specialised NGOs, the burden falls on DPAs to effectively guarantee data protection.
In offering suggestions for the EU and its Member States on how to strengthen the role of DPAs and legal professionals, as well as civil society organisations, this report contributes to making justice in the area of data protection more accessible across the EU. It comes as timely advice given the ongoing reform of the data protection rules in Europe and it will hopefully contribute to this important reform process.