Article 51 of GDPR: Supervisory Authority
Article 51 of GDPR requires that each EU member country establish an independent public authority responsible to enforce data protection laws.
Article 51 marks the beginning of Chapter VI of GDPR titled Independent Supervisory Authorities.
Designation of an independent public authority (Article 51(1) GDPR)
Pursuant to Article 51(1) of GDPR, each EU member country must designate a public and independent body to monitor and enforce the data protection and privacy obligations resulting from GDPR.
Such public authority will be designated as the supervisory authority.
Role of the supervisory authority (Article 51(2) GDPR)
Each supervisory authority is tasked with the duty of ensuring the consistent application of the GDPR regulation throughout the EU.
The supervisory authorities are required to collaborate with one another and with the Commission for the proper advancement of its objectives.
Designation of more than one supervisory authority (Article 51(3) GDPR)
If an EU member country designates more than one supervisory authority, it must ensure the following:
- Designate the supervisory authority that will represent it in the European Data Protection Board
- Establish the procedures to ensure the consistency mechanism is applied
Notification to the Commission (Article 51(4) GDPR)
Once an EU country designates its supervisory authority, it must then notify the Commission of its adopted law along with any subsequent amendment to those laws.
Recitals applicable to Article 51 of GDPR
Relevant Recitals: 117, 118, 119, 120
GDPR Regulation article-by-article overview
Read our comprehensive overview of the GDPR Regulation, article by article, where we summarize each of the 99 articles contained in GDPR to give you a complete understanding of its content.
Cited Legislation in Article 51 or relevant recitals
GDPR Text: Article 51 of GDPR and Relevant Recitals
GDPR Text Source: EUR-Lex
Official GDPR Text: General Data Protection Regulation
Official GDPR Title: REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), corrected by Corrigendum, OJL 127, 23.5.2018, p. 2 ((EU) 2016/679)