EDPB

Must-read update! Will we get PCs for Art. 64(2) Opinions? Strategic case coming to an end. Updates on recent Opinions and Guidelines + DPA news: New 🇦🇹 DPA for the legislative sector, 🇸🇪 new Director, 🇪🇸 Director leaving, 🇽🇰 becomes observer, new tools from 🇱🇹&🇭🇷 + lots of DPA networking.

The EDPB has now held their stakeholder event and the Opinion is due by the end of the year. Check out these LinkedIn posts (and comments) to hear how it went!

New 💸 fines guidelines coming at the end of 2025. Plus, an exciting Support Pool of Experts legal report on 'the extra-territorial enforcement of the GDPR' is coming soon.

Controllers should keep identity of *all* processors and sub-processors "readily available at all times" and their obligation to verify (sub-)processors' ‘sufficient guarantees’ should apply regardless of the risk. The EDPB also shares legitimate interest Guidelines for public consultation and more.

Systems overload! Is the EDPB taking on too much?

Noteworthy points on involving others (earlier) in their work, opinions vs. guidelines, the political ads Regulation, and 🇸🇪 Supreme Admin. Court CJEU request regarding Art. 13-14 and camera surveillance.

EDPB opines that DPAs should be designated AI Act MSAs, adopted 🇪🇺-🇺🇸 DPF FAQs for individuals and businesses, and an opinion approving the EuroPriSe Criteria Catalogue for certifying processors' processing activities, resulting in a European Data Protection Seal.