In late January 2019, Bulgaria’s legislature adopted the EU’s GDPR regulation, but the Bulgarian President subsequently vetoed the legislation. The President’s veto centered on concerns that the law didn’t adequately protect data processing related to journalism and academic, artistic, or literary expression.

Background on the Veto

The GDPR allows EU member states discretion in regulating data processing for journalistic and creative purposes. However, Bulgaria’s proposed legislation lacked sufficient legal justification and raised proportionality concerns. The veto emerged after significant pushback from journalists, media associations, and civil society organizations who feared the rules could enable censorship through the Commission for Personal Data Protection (CPDP).

A primary concern was that the legislation as drafted potentially opened the door for censorship concealed behind the controlling powers of the regulatory body. Additional worries included that substantial GDPR fines could financially devastate independent media outlets.

Next Steps

The legislation returned to Bulgaria’s parliament, where lawmakers faced a choice: amend the law or override the presidential veto through legislative action.