The European Data Protection Board criteria of territorial competence of supervisory authorities to enforce Article 5(3) of the ePrivacy Directive
On 18 June 2021, the EDPB adopted internal document No. 04/2021 on the criteria for the territorial competence of supervisory authorities for the enforcement of Article 5(3) of the ePrivacy Directive.
Problem of territorial application
In view of recent decisions adopted by some SAs that are competent to enforce Article 5(3)
of the ePrivacy Directive[1], the EDPB has issued an Opinion aimed at establishing a uniform interpretation regulations of the territorial jurisdiction of SAs responsible for the enforcement of Article 5(3). Decisions adopted by SAs have shown that the territorial scope of application of the Directive may vary between different SAs, particularly where the controller/service provider is established in several Member States. Uncertainties on this issue could jeopardize decisions adopted by SAs across the Union.