EU Commission closes two infringement procedures against Austria as it transposed EU rules on violations of the former Data Protection Directive
Today the Commission decided to close two infringement procedures against Austria concerning the former Data Protection Directive (Directive (EC) 1995/46) which has since been replaced by the General Data Protection Regulation (EU) 2016/679 (GDPR).
The cases remained open because the issues – which concerned several limitations to data subjects’ rights due to the Austrian Data Protection Law of 2000 and some sectorial Austrian legislation – were still relevant for the implementation of the GDPR.
The GDPR regulates the processing of personal data by an individual, a company or organisation as well as most public authorities in the EU.
With the entry into application of the GDPR, there is now one set of data protection rules for most public authorities and all private sector players operating in the EU, regardless of where they are based. The Data Protection Directive had to be fully transposed by Member States by 25 May 2018.
The Commission considers that the new Austrian data protection provisions, by which the GDPR is being implemented, solved the issues concerned in the infringement procedures. Therefore the Commission decided to close the cases.