In each case, the Litigation Chamber concluded – in a manner that may lead to controversy – that the (internal and external) DPOs appointed did not meet the requirements of the GDPR. The deadline for filing an appeal is still running in relation to these decisions, but it is already useful to look at the Litigation Chamber’s position on this topic.
It remains to be seen what position the Luxembourg data protection authority will take on the position of the DPO. CNPD guidance on the role of the DPO can be expected in the coming months as the CNPD has investigated +/- 20 undertakings and organisations in 2019 and has indicated that it would publish some guidance on the obligation to appoint a DPO and the functioning of the latter.
Click here to read the full article
Source: Agefi - May 2020