The independence requirement for national data protection supervisory authorities.

Some thoughts from the Romanian perspective.

The General Data Protection Regulation (GDPR) has very specific rules for the national authorities entrusted to monitor the application of the GDPR, in order to protect the fundamental rights and freedoms of individuals (supervisory authorities). More specifically, the supervisory authorities need to “act with complete independence in performing [their] tasks and exercising [their] powers”, while their members must “remain free from external influence” (article 52 GDPR). There are also specific requirements in terms of who can be a member of a supervisory authority, in the sense that they must “have the qualifications, experience and skills, in particular in the area of the protection of personal data, required to perform [their] duties and exercise [their] powers”, and be “appointed by means of a transparent procedure” (article 53 GDPR).