From the list of issues, we have derived sixteen “core concepts”, which can provide solutions via high-level principles and rules.

Ideally, these concepts should be abstract enough to capture many problems, with a simple rule or principle that can be included in various provisions throughout the new Regulation.

When developing these principles, we have actively considered existing mechanisms in EU law, such as instruments in procedural rules, which seem to have many common features with GDPR procedures.

Concept 10: Defining ex officio procedures

In some cases, SAs have tried to “push” additional elements into ex officio procedures by LSAs, as there seems to be no mechanism to trigger new ex officio procedures by CSAs. The urge to expand existing procedures could be limited by a Regulation which foresees clear requirements for a CSA to open an ex officio procedure with the LSA. To ensure that CSAs do not overwhelm LSAs, minimum requirements such as ‘probable cause’ and ‘being concerned’ should be introduced.


  • This option would clarify if and when CSAs can raise an case with the LSA even if there is no specific complaint and generate legal certainty on this situation.
  • The option to raise additional elements with the LSA should take pressure off the Article 65 procedure, as there is an alternative to attempts by CSA to add more elements to a pending case.


  • Some SAs may find it unpleasant that colleagues can order them to investigate matters of European relevance, this could be overcome by limiting the power to make such requests (e.g. probable cause, being actually concerned and alike).