About usSupply Chains & LogisticsRetail & EcommerceCyber SecurityThe Future Consumer
EducationAI & Digital TransformationEntrepreneurSustainable BusinessInfrastructure
Career TransformationInternational Women's DayFintechManufacturingEmployee Wellbeing
Transport and MobilityGraduate CareersInnovation & DevelopmentDigital TransformationLife sciences
Future of FoodCircular EconomyBusiness ResilienceInfrastructureWomen in business
Make a differenceFuture of WorkWomen in STEMDiversity and inclusionSustainability
Business
Home » The Power of Data » How the OSS mechanism provides certainty for Irish technology companies
The Power of Data 2024

How the OSS mechanism provides certainty for Irish technology companies

A dedicated mentor is explaining mentees importance of project while sitting at the boardroom in corporate firm.
A dedicated mentor is explaining mentees importance of project while sitting at the boardroom in corporate firm.

Caroline Shanahan

Executive, Technology Ireland

    Austin Dowling

    Senior Executive, Technology Ireland

      Learn about the One Stop Shop (OSS) and the unique role and authority of the Lead Supervisory Authority (LSA) under the General Data Protection Regulation (GDPR).

      2024 marks the sixth anniversary of the implementation of one of the strongest privacy and security laws in the world: the European Union’s GDPR. The GDPR regulates how the personal data of individuals in the European Union (EU) can be transferred and processed and defines obligations, rights, methods and sanctions to ensure compliance across the EU.

      OSS simplifies GDPR compliance navigation

      The OSS mechanism is a core concept of the GDPR. It ensures a simpler and clearer process for individuals to exercise their privacy rights. The OSS allows for a company operating in multiple EU countries to interact with a singular Data Protection Authority (DPA) where it is headquartered — a Lead Supervisory Authority (LSA) — avoiding the need to deal with multiple DPAs.

      The benefits of the OSS are clear; it reduces the administrative burden for organisations and makes it simpler for individuals to exercise their rights. It provides businesses operating cross-border (small, medium and large), as well as data subjects, with legal certainty regarding the competent regulator. It ensures both a consistent process and application of the GDPR.

      Ireland plays an important
      role in upholding the core
      concepts of the GDPR.

      Maintaining OSS crucial for future of GDPR

      The importance of the OSS is increasingly apparent. However, recent EU-level trilogue discussions regarding the GDPR cross-border enforcement regulation require all stakeholders to rally behind the OSS and the unique role of the LSA to ensure they are neither undermined nor diluted. A strong level of compliance can be ensured through a continuous and open dialogue with the LSA, based on mutual trust.

      Any changes may complicate or delay the resolution of data subject complaints or requests, and any degradation of the OSS would introduce inconsistency. This makes it more challenging for organisations to predict and meet their compliance obligations possibly leading to a competitive disadvantage for Europe.

      Ireland’s role in upholding GDPR enhances credibility

      Ireland plays an important role in upholding the core concepts of the GDPR. Our position as a global technology hub means that the Irish DPA will remain at the forefront of GDPR enforcement. Ireland’s attractiveness and competitiveness depend on the OSS mechanism to foster the predictability necessary for the creation of a business-friendly environment.

      The next review of the GDPR in 2028 should build on the recent review and comprehensively evaluate the data protection landscape by assessing the impact of recently adopted legislation.

      Author
      Caroline Shanahan and Austin Dowling
      Next
      Share Share
      Topics
      The Power of Data 2024
      Next article