The Supreme Court has decided that court decisions will not be made public until a legal framework is established in relation to the EU’s General Data Protection Regulation (GDPR) or if it decides otherwise.
Court judgments stopped being published in Cyprus since May 25, the date on which the GDPR came into force.
The Supreme Court discussed the matter on Wednesday in a special session and decided to recommend the “adoption of special legislation on the implementation of the regulation along the lines of laws established in the UK and the Republic of Ireland, where English Common Law is enforced, just like Cyprus.”
The court also decided to establish a procedural rule or practice directive to guide first instance courts when drafting and publishing decisions.
“Until the adoption of a legal framework for the implementation of the Regulation in the Republic of Cyprus, court decisions will not be published temporarily unless the Supreme Court decides otherwise,” a statement said.
The GDPR replaces the bloc’s patchwork of rules dating back to 1995 and heralds an era where breaking privacy laws can fetch fines of up to 4 per cent of global revenue or €20m, whichever is higher, as opposed to a few hundred thousand euros.
Many privacy advocates around the world have hailed the new law as a model for personal data protection in the internet era and called on other countries to follow the European model.
Critics, though, say the new rules are overly burdensome, especially for small businesses, while advertisers and publishers worry it will make it harder for them to find customers.
The GDPR clarifies and strengthens existing individual privacy rights, such as the right to have one’s data erased and the right to ask a company for a copy of one’s data.
But it also includes entirely new mandates, such as the right to transfer one’s data from one service provider to another and the right to restrict companies from using personal data.