Source: European Parliament
EU law requires the members of the national Data Protection Authorities (DPAs) to be appointed by means of a transparent procedure and that they have the qualifications, experience and skills, in particular in the area of the protection of personal data, required to perform their duties and exercise their powers[1].
The Commission has observed that heads of DPAs have a diversity of background and experience prior to their appointment, before effectively exercising their tasks. For instance, it is not unusual that in some Member States the heads of DPAs come from the high public administration.
The Commission notes that the new members of the Bulgarian DPA have been elected by the National Assembly on 9 May 2025 by means of a transparent procedure[2].
As demonstrated by past actions, t he Commission is attaching utmost importance to the requirement of independence of the DPAs.
The Commission will therefore continue to closely monitor the situation in all Member States as regards the full and effective independence of national DPAs.
- [1] Article 53(1) and (2) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), OJ L 119, 4.5.2016, p. 1-88.
- [2] https://www.parliament.bg/en/theme-site/ID/78.