Europe fast-tracks its Big Tech privacy cases – POLITICO

The law has a “one-stop-shop” mechanism, which puts one national data protection authority in the driver’s seat for cross-border investigations. In many cases that means Ireland’s Data Protection Commission takes the lead, as it oversees tech giants that are headquartered in the country including Meta, Google, Apple and X.

Ireland’s caution to hit Big Tech with hefty fines has been a source of frustration across Europe for years, and has driven a wedge between Dublin and other European regulators that favor a tougher stance on privacy enforcement.

The European Commission in 2023 proposed the new law as a steroids shot to stop big privacy cases from sputtering or stalling.

National government representatives, European Parliament members and Commission officials met in Strasbourg to hammer out the last details on Monday. Two key issues were final sticking points: the length of time that data protection authorities have to wrap up investigations, and the legal remedies if those timelines aren’t respected.

Negotiators agreed on a overall investigation deadline of 15 months, which can be extended by 12 months for the most complex cases, the European Council confirmed in a press release.

There will also be a new simplified cooperation procedure between national data protection authorities for more straightforward cases, where investigations should be wrapped up within 12 months (though it includes a possible extension to give time for national legal procedures).