Abstract

The ability of data protection authorities (DPAs) to gain and deploy sufficient knowledge of new technological developments in their regulation of personal-information practices is an important consideration now and for the future. However, DPAs’ capacity to keep abreast of these developments has been questionable, and improvements in this are a matter of concern, especially given DPAs’ task requirements under the European Union’s (EU) General Data Protection Regulation (GDPR). This article reports the findings of a recent survey of EU DPAs that explore the problems they have in comprehending new technologies and how they are dealing with them.