GDPR procedural priority rule
Article(s) involved (national, EU, or other):
A certain set of processing operations can trigger different laws (concurrence of laws). For instance, when cookies are concerned, the installation of the trackers activates Article 5(3) privacy and its national transposition, including the SA’s territorial and material competence. Whatever happens afterwards (further processing) triggers the GDPR instead. In some cases, this may be problematic. because ePrivacy rules are scattered and often inconsistent.
When the GDPR and other applicable law are concurrently applicable, we should propose some sort of “GDPR procedural priority rule”. In other words, GDPR territorial and material competence should prevail and also cover the previous phase (see also next point).
There is no concept that directly deals with that. Under Concept 2 the national law applies.