In which cases is the dispute resolution mechanism of Art. 65.1 (c) GDPR triggered?
While Art. 65 (a) and (b) relate to the one-stop-mechanism, Art.65.1 (c) GDPR concerns obligations of Data Protection Authorities (DPAs) stemming from the consistency mechanism.
More specifically, every competent DPA has the duty to request an opinion from the EDPB before adopting national measures pursuant to article 64.1 GDPR. Such measures include lists of processing operations for which a Data Protection Impact Assessment (DPIA) is required, or the approval of a new set of standard clauses. In addition, under Art. 64.2 GDPR, any SA may also request an EDPB consistency opinion on any matter of general application or producing effects in more than one Member State.
If an DPA does not request the opinion of the EDPB for the cases listed under Art. 64.1 GDPR or does not follow the EDPB opinion issued under Art. 64 GDPR, any DPA and the European Commission can launch the dispute resolution procedure of Art. 65.1 (c) GDPR about the matter.
The European Data Protection Supervisor (EDPS) is the European Union’s (EU) independent data protection authority.
The EDPS is responsible for monitoring the processing of personal data by the EU institutions, bodies, offices and agencies (EUIs) as well as providing advice on policies and legislation that affect privacy and cooperating with similar authorities to ensure consistent data protection.