An independent, duly-resourced body should oversee compliance with data protection principles.
- Each Member State shall provide for one or more independent public authorities to be responsible for monitoring the application of this Regulation, in order to protect the fundamental rights and freedoms of natural persons in relation to processing and to facilitate the free flow of personal data within the Union (‘supervisory authority’).
- In implementing these Guidelines, Member countries should: (…) c) establish and maintain privacy enforcement authorities with the governance, resources and technical expertise necessary to exercise their powers effectively and to make decisions on an objective, impartial and consistent basis.
- The General Assembly (...) 6. Calls upon all States: (...) (g) To consider adopting and implementing data protection legislation, regulation and policies, including on digital communication data, that complies with their international human rights obligations, which could include the establishment of national independent authorities with powers and resources to monitor data privacy practices, investigate violations and abuses and receive communications from individuals and organizations, and to provide appropriate remedies.
- The General Assembly (...) 6. Calls upon all States: (...) (d) To establish or maintain existing independent, effective, adequately resourced and impartial judicial, administrative and/or parliamentary domestic oversight mechanisms capable of ensuring transparency, as appropriate, and accountability for State surveillance of communications, their interception and the collection of personal data.
- A supervisory authority, which acts with complete independence and impartiality, ensures compliance with data protection legal frameworks.