The High Court, in a 197-page judgment, has dismissed a legal challenge against a decision by the Data Protection Commission (DPC) to commence an “own volition” inquiry into the applicant’s data transfers to its parent company in the US, and to issue a preliminary draft decision (PDD) proposing to suspend such transfers.
The applicant brought judicial review proceedings against the DPC, alleging that the inquiry and PDD were unlawful on a number of procedural grounds. In particular, the applicant claimed that the DPC had breached its legitimate expectation that the DPC would follow the statutory inquiry procedure set out in its Annual Report for 2018, on its website, and that it had adopted in other inquiries. The applicant also claimed the DPC had breached its right to fair procedures by failing to conduct an investigation/inquiry before reaching a decision. The High Court rejected all of the applicant’s grounds of challenge, finding that the DPC’s decision to commence an inquiry and issue the PDD, along with the associated procedural steps, were lawful.
The proceedings concerned the procedural rights and obligations of the parties in the context of the DPC’s inquiry following Schrems II, rather than the merits of the DPC’s preliminary views in the PDD.