Spainish Data Protection Authority (AEPD) publishes (its long waited) 2019 report

One of the most relevant milestones in the preventive level for its social impact has been the launch of the Priority Channel to request the urgent elimination of violent or sexual content on the Internet that, accompanied by an awareness campaign that has been selflessly collaborated by many public and private actors, has positioned the AEPD as the only European data protection authority to offer this pioneering service to combat gender-based violence and, more broadly, so-called digital violence, which particularly affects women and young people in the school environment.

50.326 Data Protection Delegates.

This year is the first in which the implementation of the Regulation covers its entirety, and it is important to review the important role played in the compliance of the figure of the Data Protection Officer. At the end of the financial year, a total of 50,326 Data Protection Delegates had been notified to the Agency.

Increased security gaps by 400%

Cross-border procedures have risen in 2019 by 33% and notifications of security breaches to inspection have grown from 16 in 2018 to 79 in 2019, an increase of almost 400%.

With regard to cross-border procedures, it should be noted that cases led by the AEPD as the lead authority have increased from 15 in 2018 to 21 in 2019 and, in cooperation as an interested authority, 229 to 565 cases have been passed, an increase of 147%

The Evaluation and Technological Studies Unit, whose creation, three years ago, has proven its effectiveness, to the point of consolidating today as one of the strategic units of the Agency.

Among its activities, several studies and collaborations regarding data protection on mobile devices and Internet services in general stand out. The conclusions obtained have shown that there are significant gaps in the regulatory compliance of data processing through smartphones. The problems focus on the lack of transparency at the time when data collection is carried out and on user tracking mechanisms, incomplete information about the processing carried out, a scheme of permissions for the communication of personal data between applications that allows the filtering of data to third parties, the existence of numerous pre-installed applications on devices that cannot be controlled by the user or the use of libraries by the user or the use of libraries by the app developers who do not meet privacy measures from the design or by default. This problem is not driven by timely stakeholders, but affects the globality of the mobile-based business model: manufacturers, distributors, operators, developers and service providers globally.

Creation of the Priority Channel to request the urgent removal of violent or sensitive content on the Internet.


Creation of the Evaluation and Technological Studies Unit Analysis of 1,700 security breaches.

One of the most worked aspects of these years has been the protection of the rights of minors.

  • Evaluation and Technological Studies Unit (UEET).
  • Advise the AEPD Directorate, as well as its various units, on technological issues.
  • Promote data protection as a factor of trust and quality assurance for the benefit of the economic development of society.
  • Drive measures to ensure the compatibility of technological development with privacy.
  • Manage the Security Gap Registry.

(…) please let us know if you would like more information.

Leave an answer

Your email address will not be published.

The company processes your data to facilitate the publication and management of comments. You can exercise your rights of access, rectification, deletion and opposition, among others, according to our Privacy policy.