Web browser company Brave has released a report on Europe's GDPR Regulators, and it highlights how European Member State governments have failed to develop tech enforcement capacity to deliver on GDPR and that they are currently under-resourced with no immediate signs of improvement.
The report states "European Member State governments have failed to develop tech enforcement capacity to deliver on the GDPR. 3% Of the 680 staff at the UK ICO focus on tech 21 Number of tech enforcement roles at the Irish DPC 305 Number of tech specialists in Europe's DPAs."
Other instances of lack of resource include:
"● Only six national DPAs have more than ten specialist tech investigation staff.
● Seven data protection authorities have two tech specialists or less.
● Half of all national DPAs receive small (€5 million or less) annual budgets from their governments.
● The Irish Data Protection Commission is Google and Facebook's 'lead authority' GDPR regulator in Europe. But while the number of complaints it deals with is accelerating, increases to its budget and headcount are decelerating.
● The UK's Information Commissioner's Office (ICO) is by far the biggest and most expensive national DPA to operate. But only 3% of its staff are tech specialists.
● Increases to DPA budgets peaked for the application of the GDPR. Governments have now slowed this increase.
● Almost a third (29%) of all of the EU's tech specialists work for one of Germany's Länder (regional) or federal DPAs. All other EU countries are far behind Germany"
The full report can be found here https://brave.com/wp-content/uploads/2020/04/Brave-2020-DPA-Report.pdf