Data protection authorities under the EU General Data Protection Regulation - a new global benchmark

While much has been written about data as the new oil of the 21st century, huge data breaches, such as the Snowden revelations or the Cambridge Analytica scandal, have shaken the foundations of democratic societies. As the new international gold standard, the EU General Data Protection Regulation provides for an effective regulatory framework in that area. The most important regulatory actors are so-called data protection authorities (DPAs). Thus, this contribution focuses on a comparative analysis of DPAs in Europe, including a state-of-the-art analysis, a brief discussion of theoretical and methodological challenges, a historical outline as well as latest empirical findings on independence, resources and regulatory handling (particularly fining practices). In the end, promising fields of research as well as future avenues of data protection regulation are sketched out.