A supervisory authority must first prove that the applicant has abusive intentions. The background was a complaint from a citizen to the Austrian data protection authority.
The Austrian complained there because a company had not responded to his request for information about his personal data within a month. The data protection authority refused to deal with the complaint because the same person had made 77 similar complaints against different controllers within 20 months. She had referred to the EU General Data Protection Regulation (GDPR). Accordingly, the supervisory authority can “charge a reasonable fee or refuse to act in the case of obviously unfounded or – especially in the case of frequent repetition – excessive requests (…).”
“}”>
Image: Apa/Epa/Julien Warnand
Source: Nachrichten
