Article 52 of GDPR: Independence
Article 52 of GDPR lays out the foundation that supervisory authorities must be independent when exercising their powers under GDPR.
Independent supervisory authorities (Article 52(1) GDPR)
For the compliance of GDPR to be effective, supervisory authorities must be fully independent when exercising their powers and roles.
Independence of supervisory authority members (Article 52(2) GDPR)
In addition, each member of the supervisory authority must:
- Perform its duties as required under GDPR
- Should not be influenced either directly or indirectly
- Must not seek instructions from another body
Incompatible duties prohibited (Article 52(3) GDPR)
A member of the supervisory authority is prohibited from performing duties or accepting an occupation that will be incompatible with their duties during their term of office.
Supervisory authority resources (Article 52(4) GDPR)
Each EU member country must ensure that the supervisory authority has sufficient resources to be able to carry out its functions namely:
- Human resources capacity
- Technical resources
- Financial resources
Supervisory authority staff (Article 52(5) GDPR)
The EU member countries must ensure that the supervisory authorities retain their own staff.
The staff must be under the exclusive authority and jurisdiction of the supervisory authority and nobody else.
Supervisory authority budget (Article 52(6) GDPR)
GDPR also requires that each EU member state provide that the supervisory authorities are subject to financial control in such a way that their independence will not be affected.
The supervisory authority should provide a public annual budget.
Recitals applicable to Article 52 of GDPR
Relevant Recitals: 117, 118, 120, 121
GDPR Regulation article-by-article overview
Read our comprehensive overview of the GDPR Regulation, article by article, where we summarize each of the 99 articles contained in GDPR to give you a complete understanding of its content.
Cited Legislation in Article 52 or relevant recitals
GDPR Text: Article 52 of GDPR and Relevant Recitals
GDPR Text Source: EUR-Lex
Official GDPR Text: General Data Protection Regulation
Official GDPR Title: REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), corrected by Corrigendum, OJL 127, 23.5.2018, p. 2 ((EU) 2016/679)