On Wednesday, January 28, 2015, better known as “Data Protection Day,” the Belgian Under-Secretary for Data Protection Bart Tommelein called for the creation of an EU Data Protection Authority. He intends to present this position of the Belgian Government to the informal meeting of Ministers of Justice and of the Interior in Riga (Latvia). The authority would be responsible for handling investigations against global companies, something national regulators would be ill-equipped to do. His chances of success are probably limited.
The current EU data protection regime only mandates the creation of independent “national” data protection authorities (possibly with regional ones for federations such as Germany) and a European Supervisor for compliance within EU institutions. While, the proposed Data Protection Regulation, which still under discussion, would create an European Data Protection Board, it is not anticipated to have sanctioning powers. Moreover, Member States so far opposed the creation of a more robust EU body. On the contrary, the latest texts suggest they intend to reduce the powers of the Board even further. In this context, the announced Belgian initiative appears to swim against the current.