The aim of this paper is to analyse the national Member States’ laws that have implemented the GDPR in the field of automated decision-making.
The Future of Privacy Forum has conducted a new analysis that resulted in this Report presenting an overview of the regulatory strategies of DPAs for 2021-2022.
This update covers developments only between the last date of coverage of the Commentary (1 August 2019) and 1 January 2021 (with a few exceptions when it has been possible to take later developments into account). It is limited to selected Articles of the GDPR.
This report aims to raise the awareness of the general audience and serve as a resource to policy shapers and practitioners in the public and private sectors to help frame the debate around data.
The study finds that while the General Data Protection Regulation (GDPR) lays down horizontal directly applicable rules in all Member States, there remains variation in the range of national-level legislation linked to its implementation in the area of health.