Effective procedure – differences in confidentiality requirements among SAs
Article(s) involved (national, EU, or other):
In theory, confidentiality requirements could hinder SAs to exchange relevant information in the IMI system with other SAs or the EDPB. The Lux SA, for instance, shall only be authorized to share information with these authorities on the condition that these authorities, bodies and persons are covered by an obligation of professional secrecy equivalent to that cited in their own national GDPR implementation act.
The regulation should ensure that SAs are not subject to confidentiality constraints to exchange information between SAs and between SAs and the EDPB, since all of them are already subject to confidentiality obligations under the GDPR, which are enough to support the exchange of information in full confidence. .
Concepts 2 should take care of the matter. EU law on commercially sensitive matters are alreadyl unifying the protections.