Ms Helen Dixon:

We rotate attendance. As of April this year the Irish Data Protection Commission requested a standing slot on the agenda of the European Data Protection Board, EDPB, meetings where we could proactively provide an update in respect of the "big tech" cases that we are handling and the progress on them and any issues that are arising in terms of co-operation procedures between the data protection authorities around these investigations. By that, I am referring in part to that IMI IT platform that we use to share details on cases between us.

A number of issues have arisen for us as a board in the first year in terms of complaints that have been lodged with a data protection authority in an EU member state that then have to be transmitted to the Irish DPC for investigation. There have been issues in terms of translation of the complaints and timeframes involved in transmitting the case to the Irish Data Protection Commission. In those cases, we are obliged to communicate with the complainant back through the originating data protection authority. We have a journey to go as a board in terms of smoothing out all of those handoffs that have now become part of the process.

Issues have also arisen in the first year around different administrative law procedure in the different EU member states. While we are conducting an investigation, we would never release full information on the investigation while it is under investigation, and the transparency rules in other member states and their administrative laws have different procedures that impact on those issues.

We are very active members of the European Data Protection Board. We have led as rapporteur on some of the big guidance projects that the EDPB has undertaken in terms of publishing guidance. Ultimately when we complete the decision-making process on these investigations we have under way - I mentioned earlier that under Article 60 of the GDPR I cannot finalise a decision on my own; I must transmit it as a draft and allow every other EU data protection authority that is concerned with the issue give input. Any of those data protection authorities or a multiple of them can raise what is called a relevant and reasoned objection to any part of my draft decision. I am then obliged to try to reconcile what they raise with me as an objection with my findings. Ultimately if I cannot, under Article 65 of the GDPR I then institute the dispute resolution mechanism of the European Data Protection Board. This is the area where it has a decision-making function. It first of all decides if it is a relevant and reasoned objection that has been raised with me and, second, it may opt to take over the decision-making in respect of the-----