Print

EDPS Powers

Article 58 of Regulation (EU) 2018/1725 confers the EDPS a wide range of powers for the performance of his tasks. The Europol Regulation, the EPPO Regulation and the Eurojust Regulation confer the EDPS specific powers.

When deciding on the use of our powers, we follow the approach that we consider to be the most likely to produce positive results for the data subjects, on a case-by-case basis. We choose from a scale ranging from providing informal advice to using our enforcement powers, including our investigative powers. 

Our investigative powers include audits to verify compliance; we choose the targets of our audits from a risk-based annual plan. We also carry out investigations into topics of interest. The triggers for such investigations can be either information received from third parties (complaints, press reports, etc.) or our own initiative. 

When EU institutions do not comply with the data protection rules, the EDPS can use corrective powers, such as:

  • Warn or admonish the EU institution which is unlawfully or unfairly processing your personal information;
  • Order the European institution to comply with requests to exercise your rights (e.g. access to your own data);
  • Impose a temporary or definitive ban on a particular data processing operation;
  • Impose an administrative fine on EU institutions;
  • Refer a case to the Court of Justice of the European Union.

Learn more with our infographic.

 

 

26
Jan
2021

Investigation on the personal data processing activities of the European Parliament’s Wi-Fi network services

EDPS Decision on the own initiative investigation on the personal data processing activities of the European Parliament’s Wi-Fi network services (case 2019-0971)

"Redacted version for public release"

Available languages: English

 

 

2
Jul
2020

Outcome of own-initiative investigation into EU institutions’ use of Microsoft products and services

This paper presents the issues raised by the EDPS’ own-initiative investigation into European institutions’, bodies’, offices’ and agencies’ (‘EU institutions’) use of Microsoft products and services. These findings and recommendations from the investigation are likely to be of wider interest than just of the EU institutions: they may be of particular interest to all public authorities in EU/EEA Member States.

PDF
Available languages: English
EPUB
Available languages: English
HTML
Available languages: English

 

23
Mar
2020

EDPS closes investigation into European Parliament’s 2019 election activities

The European Data Protection Supervisor (EDPS) has closed its investigation into the European Parliament’s use of a US-based political campaigning company to process personal data as part of its activities relating to the 2019 EU parliamentary elections. The contract between the European Parliament and NationBuilder came to a natural end in July 2019 and all data collected has been transferred to the European Parliament’s servers, the EDPS announced today.

Available languages: English