Data Protection in Malta

National data protection authority in Malta

EU regulation

Enforcement of the GDPR is the prerogative of data protection regulators, known as supervisory authorities (for example, the Cnil in France or the ICO in the UK). The European Data Protection Board (the replacement for the so-called Article 29 Working Party) is comprised of delegates from the supervisory authorities, and monitors the application of the GDPR across the EU, issuing guidelines to encourage consistent interpretation of the Regulation.

The GDPR creates the concept of lead supervisory authority. Where there is cross-border processing of personal data (ie, processing taking place in establishments of a controller or processor in multiple Member States, or taking place in a single establishment of a controller or processor but affecting data subjects in multiple Member States), then the starting point for enforcement is that controllers and processors are regulated by and answer to the supervisory authority for their main or single establishment, the so-called lead supervisory authority (Article 56(1)).

However, the lead supervisory authority is required to cooperate with all other concerned authorities, and a supervisory authority in another Member State may enforce where infringements occur on its territory or substantially affect data subjects only in its territory (Article 56(2)).

The concept of lead supervisory authority is therefore of somewhat limited help to multinationals.


Malta regulation

The Information and Data Protection Commissioner (Commissioner). Informally, the Office of the Information and Data Protection Commissioner (OIDPC).

Level 2, Airways House
Second Floor
High Street
Sliema SLM 1549
Malta

T: +356 2328 7100
F: +356 23287198

[email protected]

www.idpc.org.mt

The Commissioner has the function (among others) of generally protecting individuals' data protection rights against privacy violations in personal data processing. 

Continue reading

  • no results

Previous topic
Back to top