Brussels, 12 September - During its September plenary meeting, the European Data Protection Board (EDPB) has adopted guidelines on the interplay between the Digital Services Act (DSA) and the General …

The European Data Protection Board (EDPB) and European Data Protection Supervisor (EDPS) have jointly issued a new opinion on a European Commission proposal to amend regulations, including the GDPR, simplifying rules for small and medium-sized enterprises (SMEs) and small mid-cap enterprises (SMCs) by extending certain mitigating measures and introducing new definitions. The proposal aims to modify GDPR Article 30 to provide a derogation for record-keeping obligations for enterprises employing fewer than 750 people, as long as processing operations do not pose high risks to individuals' rights. The EDPB and EDPS support the proposal to reduce administrative burdens for SMEs and SMCs while ensuring the protection of individuals' fundamental rights. They welcomed the targeted modifications to record-keeping obligations and emphasized the importance of compliance tools like codes of conduct and certification, urging further clarifications on the impact of the proposed thresholds and definitions on affected organizations.

The European Data Protection Board (EDPB) adopted a Statement in Helsinki aimed at making GDPR compliance easier for organizations, particularly small and medium ones, to strengthen consistency and enhance cross-regulatory cooperation. EDPB Chair Anu Talus emphasized the importance of aligning technological advancements with fundamental rights to ensure a stronger digital economy, and the EDPB will provide resources like templates and checklists to simplify GDPR compliance.

The European Data Protection Board (EDPB) recently finalized guidelines on data transfers to third country authorities, clarifying conditions for lawful responses to requests for personal data transfers from non-European countries. Additionally, the EDPB launched two projects focusing on training materials for artificial intelligence and data protection specifically aimed at legal professionals and others involved in AI security and compliance.

The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) have voiced preliminary support for a proposed simplification of record-keeping obligations under the GDPR, while urging the European Commission to ensure a fair balance between data protection and the interests of organizations with fewer than 500 employees. The EDPB and EDPS have responded to the Commission's letter regarding specific modifications to the GDPR, anticipating a formal consultation following the proposed legislative change.

The European Data Protection Board (EDPB) adopted opinions on the European Commission's draft adequacy decisions regarding the European Patent Organisation (EPO) and the proposed extension of UK adequacy decisions under the GDPR and the Law Enforcement Directive. The EDPB granted observer status to the Personal Data Protection Agency of Bosnia and Herzegovina and emphasized the importance of dialogue between the Commission and international organizations to facilitate safe data flows while ensuring data protection rights and principles are aligned. The EDPB positively assessed the EPO's data protection framework alignment with EU regulations and approved a temporary 6-month extension for the UK adequacy decisions under the GDPR and LED, allowing ample time for the European Commission to evaluate the UK's legal framework further.

Every year, on 9 May, people across Europe celebrate the anniversary of the Schuman Declaration, which was a milestone to bring peace and solidarity in Europe. This year is particularly special as it …

Brussels, 23 April - The European Data Protection Board (EDPB) has published its 2024 Annual Report . The report provides an overview of the EDPB work carried out in 2024 and reflects on important mil…

Brussels, 14 April - During its April 2025 plenary, the European Data Protection Board (EDPB) has adopted guidelines on processing of personal data through blockchain technologies .  A blockchain…

Brussels, 14 March - During its March 2025 plenary meeting, the European Data Protection Board (EDPB) adopted a statement on the implementation of the Passenger Name Record Directive (PNR) in light of…