how do data protection authorities prevent/track the use/unwanted use of personal data?

Hi!

Im currently working on my law dissertation. My question is 'Should EU member states & UK monitor and enforce data protection regulation more stringently in order to protect citizens' Article 8 right to Privacy under ECHR'- or something along those lines. I have a question that I cannot find the answer to online. I know data usage and sharing is monitored and 'enforced' by elected DPA's (data protection authorities) and supervisory authorities, but how do they do this and how can they ensure that a company is not using an individuals' personal data if the individual either declines or withdraws consent? What is stopping a company from continuing to sell/track data? Does it take a breach to identify this?

Is data protection regulation, more curative or genuinely protective, as I know only about 32% of companies comply with GDPR as it is.

idk whether this is the most relevant sub to post in for this topic, but any help would be greatly appreciated!

​

submitted by /u/pindropinthesilence
[link] [comments]

from /r/Technology https://ift.tt/3cDHMhk