Abstract
Courts of auditors fulfil a key function within a state’s constitutional structure. One of their most important responsibilities is to strengthen the citizens’ trust in the state and in politics by controlling the state‘s financial management. In order to perform this task, the courts of auditors need thorough insight into administrative proceedings, even in those that contain personal data. Therefore, the external financial control can come into conflict with the involved persons’ right to informational self-determination. If the GDPR applied in full to the courts of auditors’ processing activities, this could - in turn - interfere with their constitutionally protected independence. On closer examination, it becomes clear that audit and data protection authorities maintain a special relationship of cooperation. Their respective competency of control is reciprocally limited as required by their particular independence. As a consequence, courts of auditors have to be treated in analogy to courts of justice, which the GDPR explicitly privileges. Thus, courts of auditors are subject to data protection law, but (inter alia) released from the data protection authorities’ supervision.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
