Maria Magierska
@mariamagierska.bsky.social
ECPC Maastricht University Senior Lecturer, PhD Researcher European University Institute in Florence, editor European law blog , ex-NOYB, ex-European Parliament Press Officer.
data protection, eu administrative law and books
data protection, eu administrative law and books
I was just once again going through these, and it was for me shocking how it’s the same discussion all over again, not only in the context of the GDPR but also the DSA, DMA, DACT, DGA and the AI Act.
Nothing new but also not sure whether we learned much during these 30 years.
Nothing new but also not sure whether we learned much during these 30 years.
October 22, 2025 at 2:16 PM
I was just once again going through these, and it was for me shocking how it’s the same discussion all over again, not only in the context of the GDPR but also the DSA, DMA, DACT, DGA and the AI Act.
Nothing new but also not sure whether we learned much during these 30 years.
Nothing new but also not sure whether we learned much during these 30 years.
and so sources, many dating back to the late 1980s-mid1990s, on the DPAs scarce resources! This quote from @douwekorff.bsky.social ended up as an inspiration for my work: the DPAs “see themselves much more like advisors, facilitators, and conciliators than as policemen: referees rather than Rambos”
October 22, 2025 at 2:16 PM
and so sources, many dating back to the late 1980s-mid1990s, on the DPAs scarce resources! This quote from @douwekorff.bsky.social ended up as an inspiration for my work: the DPAs “see themselves much more like advisors, facilitators, and conciliators than as policemen: referees rather than Rambos”
For example, the Commission initially opposed introducing the rules because it would “hurt the businesses”. Eventually, the narrative has shifted after the debate was reframed into “internal market building” (according to a very interesting book by @abenewman.bsky.social thanks to the DPAs).
October 22, 2025 at 2:16 PM
For example, the Commission initially opposed introducing the rules because it would “hurt the businesses”. Eventually, the narrative has shifted after the debate was reframed into “internal market building” (according to a very interesting book by @abenewman.bsky.social thanks to the DPAs).
Reposted by Maria Magierska
Next was an engaging panel on risks to GDPR and digital privacy more broadly with @ellenoregan.bsky.social, @mariamagierska.bsky.social, Anja Wyrobek, @marianods.bsky.social, and Jesper Lund at EDRi www.youtube.com/live/EokGEfs... (4/7)
Privacy Camp 2025: room Salle des Arches
YouTube video by European Digital Rights
www.youtube.com
October 1, 2025 at 4:25 AM
Next was an engaging panel on risks to GDPR and digital privacy more broadly with @ellenoregan.bsky.social, @mariamagierska.bsky.social, Anja Wyrobek, @marianods.bsky.social, and Jesper Lund at EDRi www.youtube.com/live/EokGEfs... (4/7)
7. Finally, collective private enforcement is the future, and how the Representative Actions Directive will be applied may bring new developments into the enforcement system (see today's POLITICO Europe!).
July 18, 2025 at 2:25 PM
7. Finally, collective private enforcement is the future, and how the Representative Actions Directive will be applied may bring new developments into the enforcement system (see today's POLITICO Europe!).
6. Institutional cooperation will only increase - and we will need a reliable legal basis for that which goes into more detail outside of the 'sincere cooperation' provision.
July 18, 2025 at 2:25 PM
6. Institutional cooperation will only increase - and we will need a reliable legal basis for that which goes into more detail outside of the 'sincere cooperation' provision.
5. The EDPB has real powers and little accountability - with a view to change with the recent jurisprudence (not only the Tuesday's case, but also the Meta/Whatsapp admissibility dispute and the Ombudsman vs. EDPB action).
July 18, 2025 at 2:25 PM
5. The EDPB has real powers and little accountability - with a view to change with the recent jurisprudence (not only the Tuesday's case, but also the Meta/Whatsapp admissibility dispute and the Ombudsman vs. EDPB action).
4. DPAs are free to exercise their powers, but the CJEU gradually clarifies what the scope of that freedom is - and it is much narrower than it might seem.
July 18, 2025 at 2:25 PM
4. DPAs are free to exercise their powers, but the CJEU gradually clarifies what the scope of that freedom is - and it is much narrower than it might seem.
3. Divergent national administrative procedures hamper the effective enforcement, and there are limits to what can be regulated. What is critical is the harmonised guarantee of procedural rights in the procedure, particularly when the case reaches the EDPB (congrats noyb.eu for this week's win!)
July 18, 2025 at 2:25 PM
3. Divergent national administrative procedures hamper the effective enforcement, and there are limits to what can be regulated. What is critical is the harmonised guarantee of procedural rights in the procedure, particularly when the case reaches the EDPB (congrats noyb.eu for this week's win!)
2. A complaint is not a petition, and a complainant *is* a party to the procedure - and the complaint mechanism is the cornerstone of the data protection enforcement system.
July 18, 2025 at 2:25 PM
2. A complaint is not a petition, and a complainant *is* a party to the procedure - and the complaint mechanism is the cornerstone of the data protection enforcement system.
We argue that there are seven lessons to be drawn from the first seven years:
1. Effective enforcement is key, but fines are not the only option - and other corrective measures, such as bans on the processing, can be more successful.
1. Effective enforcement is key, but fines are not the only option - and other corrective measures, such as bans on the processing, can be more successful.
July 18, 2025 at 2:25 PM
We argue that there are seven lessons to be drawn from the first seven years:
1. Effective enforcement is key, but fines are not the only option - and other corrective measures, such as bans on the processing, can be more successful.
1. Effective enforcement is key, but fines are not the only option - and other corrective measures, such as bans on the processing, can be more successful.