Article 62
Joint operations of supervisory authorities
There is no recital in the Directive related to article 62.
Regulation
Art. 62 1. The supervisory authorities shall, where appropriate, conduct joint operations including joint investigations and joint enforcement measures in which members or staff of the supervisory authorities of other Member States are involved. 2. Where the controller or processor has establishments in several Member States or where a significant number of data subjects in more than one Member State are likely to be substantially affected by processing operations, a supervisory authority of each of those Member States shall have the right to participate in joint operations. The supervisory authority which is competent pursuant to Article 56(1) or (4) shall invite the supervisory authority of each of those Member States to take part in the joint operations and shall respond without delay to the request of a supervisory authority to participate. 3. A supervisory authority may, in accordance with Member State law, and with the seconding supervisory authority's authorisation, confer powers, including investigative powers on the seconding supervisory authority's members or staff involved in joint operations or, in so far as the law of the Member State of the host supervisory authority permits, allow the seconding supervisory authority's members or staff to exercise their investigative powers in accordance with the law of the Member State of the seconding supervisory authority. Such investigative powers may be exercised only under the guidance and in the presence of members or staff of the host supervisory authority. The seconding supervisory authority's members or staff shall be subject to the Member State law of the host supervisory authority. 4. Where, in accordance with paragraph 1, staff of a seconding supervisory authority operate in another Member State, the Member State of the host supervisory authority shall assume responsibility for their actions, including liability, for any damage caused by them during their operations, in accordance with the law of the Member State in whose territory they are operating. 5. The Member State in whose territory the damage was caused shall make good such damage under the conditions applicable to damage caused by its own staff. The Member State of the seconding supervisory authority whose staff has caused damage to any person in the territory of another Member State shall reimburse that other Member State in full any sums it has paid to the persons entitled on their behalf. 6. Without prejudice to the exercise of its rights vis-à-vis third parties and with the exception of paragraph 5, each Member State shall refrain, in the case provided for in paragraph 1, from requesting reimbursement from another Member State in relation to damage referred to in paragraph 4. 7. Where a joint operation is intended and a supervisory authority does not, within one month, comply with the obligation laid down in the second sentence of paragraph 2 of this Article, the other supervisory authorities may adopt a provisional measure on the territory of its Member State in accordance with Article 55. In that case, the urgent need to act under Article 66(1) shall be presumed to be met and require an opinion or an urgent binding decision from the Board pursuant to Article 66(2). |
Directive
Art. 28 (….). 6. Each supervisory authority is competent, whatever the national law applicable to the processing in question, to exercise, on the territory of its own Member State, the powers conferred on it in accordance with paragraph 3. Each authority may be requested to exercise its powers by an authority of another Member State. The supervisory authorities shall cooperate with one another to the extent necessary for the performance of their duties, in particular by exchanging all useful information. |
Denmark
64. – (1) The Data Protection Agency may, on its own initiative or at the request of another Member State, check that a processing operation of data taking place in Denmark is lawful, irrespective of whether or not the processing operation is governed by the legislation of another Member State. The provisions laid down in sections 59 and 62 shall be correspondingly applicable. (2) The Data Protection Agency may further disclose data to supervisory authorities in other Member States to the extent that this is required in order to ensure compliance with the provisions of this Act or those of the data protection legislation of the Member State concerned. |
United Kingdom
54. International co-operation (1) The Commissioner— (a) shall continue to be the designated authority in the United Kingdom for the purposes of Article 13 of the Convention, and (b) shall be the supervisory authority in the United Kingdom for the purposes of the Data Protection Directive [F1 and the Data Protection Framework Decision]. (2) The [F2 Secretary of State] may by order make provision as to the functions to be discharged by the Commissioner as the designated authority in the United Kingdom for the purposes of Article 13 of the Convention. (3) The [F2 Secretary of State] may by order make provision as to co-operation by the Commissioner with the European Commission and with supervisory authorities in other EEA States in connection with the performance of their respective duties and, in particular, as to— (a) the exchange of information with supervisory authorities in other EEA States or with the European Commission, F3... (b) the exercise within the United Kingdom at the request of a supervisory authority in another EEA State, in cases excluded by section 5 from the application of the other provisions of this Act, of functions of the Commissioner specified in the order [F4, and (c) the exercise within the United Kingdom at the request of a supervisory authority in another EEA State, in cases falling within the scope of the Data Protection Framework Decision as it applies to that State, of functions of the Commissioner specified in the order. ] (4) The Commissioner shall also carry out any data protection functions which the [F2 Secretary of State] may by order direct him to carry out for the purpose of enabling Her Majesty’s Government in the United Kingdom to give effect to any international obligations of the United Kingdom. (5) The Commissioner shall, if so directed by the [F2 Secretary of State] , provide any authority exercising data protection functions under the law of a colony specified in the direction with such assistance in connection with the discharge of those functions as the [F2 Secretary of State] may direct or approve, on such terms (including terms as to payment) as the [F2 Secretary of State] may direct or approve. (6) Where the European Commission makes a decision for the purposes of Article 26(3) or (4) of the Data Protection Directive under the procedure provided for in Article 31(2) of the Directive, the Commissioner shall comply with that decision in exercising his functions under paragraph 9 of Schedule 4 or, as the case may be, paragraph 8 of that Schedule. (7) The Commissioner shall inform the European Commission and the supervisory authorities in other EEA States— (a) of any approvals granted for the purposes of paragraph 8 of Schedule 4, and (b) of any authorisations granted for the purposes of paragraph 9 of that Schedule. (8) In this section— “the Convention” means the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data which was opened for signature on 28th January 1981; [F5 “the Data Protection Framework Decision” means the Council Framework Decision 2008/977/ JHA of 27th November 2008 on the protection of personal data processed in the framework of police and judicial cooperation in criminal matters; ] “data protection functions” means functions relating to the protection of individuals with respect to the processing of personal information. |