3 minute read
7.2.3 Position of the LSA on the objections
to the HU SA, the breach of the accountability principle is, in addition, supported by the intentional nature of the infringement committed by WhatsApp IE. Therefore, the HU SA argues that the Draft Decision should also find a breach of the principle of accountability set out in Article 5(2) GDPR.
174. The IT SA raised an objection arguing that the Draft Decision should also contain a finding of an infringement of Article 5(1)(a) GDPR. The objection claims that, even though the Draft Decision refers to Article 5(1)(a) GDPR several times, it does not draw a conclusion of an infringement of such provision. The IT SA observes that, given that transparency is the focus of the Inquiry and consequently of the Draft Decision, and that Article 5(1)(a) GDPR has a general, overarching nature, the Draft Decision should include a finding of infringement of that provision.
Advertisement
7.2.3 Position of the LSA on the objec tions
175. The LSA considered that the objection raised by the HU SA with regard to the possible infringement of Articles 5(1)(a) and 5(2) GDPR was not relevant and reasoned, since it fell outside the scope of the Inquiry 164 . Nonetheless, the LSA acknowledged that the objection regarding the possible infringement of Article 5(1)(a) GDPR could be followed considering that it is consistent with the scope and findings of the Draft Decision, subject to allowing WhatsApp IE the right to be heard before taking a final decision on the matter 165. Fu rthermore, the IE SA also expressed its intention to follow the objection raised by the HU SA with regard to the possible infringement of Article 5(2) GDPR, should an infringement of Article 5(1)(a) GDPR be found, considering that the accountability principle is closely interconnected with the obligation of the controller to comply with the principle of transparency 166 . As before, this would be subject to allowing WhatsApp IE the right to be heard before taking a final decision on the matter.
176. Despite this, the responses received from the CSAs showed that there was no single proposed compromise position that could be agreed upon by all of the relevant CSAs. The IE SA clarified that the Article 65 GDPR referral was made under the circumstances where the objections made by the CSAs were not followed 167 .
177. The LSA considered that the objection raised by the IT SA with regard to the infringement of Article 5(1)(a) GDPR was not relevant and reasoned, since it fell outside the scope of the Inquiry 168 . Nonetheless, the LSA acknowledged that it would be consistent with the scope and findings of the Draft Decision to follow the objection, subject, as mentioned above, to allowing WhatsApp IE to exercise its right to be heard before taking a final decision on the matter 169 .
178. Despite this, as explained above, the responses received from the CSAs showed that there was no single proposed compromise position that was agreeable to all of the relevant CSAs. For the sake of completeness, the EDPB takes note that the IT SA welcomed the proposal by the IE SA in its response. The IE SA clarified that the Article 65 GDPR referral was made in circumstances where it does not propose to follow the objections raised by the CSAs 170 .
164 IE SA Composit e Re sponse, p aragraph 12. 165 IE SA Composit e Re sponse, p aragraph 14 and 18(a). 166 IE SA Composit e Re sponse, p aragraph 18(b)(i). 167 See paragraph 13 above. 168 IE SA Composit e Re sponse, p aragraph 12. 169 IE SA Composit e Re sponse, p aragraph 14 and 20(b). 170 See paragraph 13 above.
