Neues

The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) have adopted a letter, addressed to the European Commission, on the upcoming proposal on the simplification of record-keeping obligation under the GDPR, amounting to a targeted amendment of Art. 30(5) GDPR.

The joint letter replies to the letter sent by the European Commission to the EDPB and the EDPS on 6 May 2025 where the Commission explained how it intends to introduce specific modifications to the GDPR. The EDPB and EDPS understand that a formal consultation will take place after the publication of the proposed legislative change.

The EDPB and EDPS shared that, at this stage, they could express preliminary support to this targeted simplification initiative, bearing in mind that this would not affect the obligation of controllers and processors to comply with other GDPR obligations. Nevertheless, the EDPB and EDPS asked the Commission to better evaluate the impact on the organisation subject to this change, to assess whether the draft proposal ensure a proportionate and fair balance between the protection of personal data and the interests of organisations with less than 500 employees.

Full letter here

The EDPS has developed Guidance for co-legislators on the main elements to consider when developing legislative proposals that imply the processing of personal data.

To celebrate Europe Day, the European institutions are opening their doors to the public on 10 May 2025! Come visit us to discover the engaging activities the EDPS and EDPB have prepared for you. Stop by the EDPS on EU Open Day!

Learn more. 

Der Jahresbericht 2024 des EDSB behandelt das Handeln für die Zukunft des Datenschutzes, die Vorbereitung auf diverse Möglichkeiten und Risiken, die die digitale Landschaft mit sich bringt. Unter der Leitung unserer Strategie 2020-2024 und ihren Grundsätzen: Voraussicht, Handeln und Solidarität, hat der EDSB:

• seine Strategie für künstliche Intelligenz (KI) vorgestellt und Schritte zur Umsetzung unternommen
• Technologien, einschließlich KI-gesteuerter Technologien, überwacht und analysiert
• den EU-Gesetzgeber über anstehende EU-Regulierungen beraten, die direkt die Privatsphäre und den Datenschutz der Menschen betreffen
• den EU-Institutionen (EUI) Instrumente bereitgestellt, um ihre Einhaltung der EU-Datenschutzgesetze sicherzustellen
• die Entwicklung des Datenschutzes auf globaler Ebene beeinflusst. Sie können den vollständigen Jahresbericht 2024 des EDSB und dessen Zusammenfassung einsehen, um mehr über unsere Aufsichtsmaßnahmen, politische und legislative Beratung sowie unsere Technologie-Überwachungsaktivitäten zu erfahren.

Jahresbericht

Zusammenfassung

Pressemitteilung

With our involvement in this fourth Coordinated Enforcement Action, we walk the talk by continuously advocating for a coherent application of EU data protection law, and the consistent protection of individuals’ personal data, across the EU/EEA. 

Read Press Release

The EDPS mandate has been synonymous with adaptability and resilience, with challenges and opportunities in a fast-paced digital landscape. 

• Supervision & Enforcement of data protection laws within EUIs
• Policy & Consultations to the EU Legislator
• Technology & Privacy benefits and risks for now and in the future
• Preparing ourselves for AI... and more.

Read EDPS Mandate Review on key actions to protect people’s privacy.

In this issue, has the European Commission organised a micro-targeting campaign on X? EDPS reprimands EPSO, and organises its first AI correspondents meeting, plus what is a privacy protector? And, as always, there is a lot more in this edition.

Read here

Have a listen

Every year on 28 January, we celebrate Data Protection Day. This date marks the anniversary of the Council of Europe’s Convention 108, the first binding international law securing individuals' rights to protection of their personal data.

Read our factsheets to learn more about your rights

To mark the Data Protection Day, the EDPS, Council of Europe, and CPDP Conferences joined forces to host a one-day event: “CPDP – Data Protection Day: A New Mandate for Data Protection.”

• When: 28 January 2025
• Where: European Commission’s Charlemagne, Brussels
• Format: In-person and online

This year’s conference came at a crucial time as new EU political mandates begin shaping the policy landscape. Discussion focused on the evolving mandate of data protection, particularly its essential role as safeguard of our democratic society against excessive intrusions in the citizens’ privacy by public or private actors.

• Read Blogpost by EDPS Wojciech Wiewiórowski
• Watch the sessions' recordings on the Event Website
• Check the Programme

EDPS organises meeting of AI Correspondents Network to collaborate on three key pillars community, compliance and collaboration. Read Blogpost.