EDPB adopts “wish list” of procedural aspects, first EU data protection seal and a statement on digital euro

12 October 2022

Brussels, 12 October - The EDPB adopted a list of aspects in national procedural law that it wishes to see harmonised at EU level to facilitate GDPR enforcement. This “wish list” is one of the key actions set out in the EDPB’s Vienna statement on enforcement cooperation. The list has been sent to the European Commission for its consideration.

EDPB Chair Andrea Jelinek said: “The EDPB has taken important steps to promote effective cooperation in view of strong and swift enforcement of the GDPR.  We have identified some obstacles beyond our remit which may require a legislative initiative. The current patchwork of national procedures and practices has a detrimental impact on cooperation between data protection authorities.”

The list addresses, among others, the status and rights of the parties to the administrative procedures; procedural deadlines; requirements for admissibility or dismissal of complaints; investigative powers of data protection authorities; and the practical implementation of the cooperation procedure.

Next, the EDPB adopted an Opinion  on  the  approval  by  the  Board  of  the Europrivacy  certification  criteria submitted by the Luxembourg data protection authority (DPA). This Opinion marks the approval of the very first European Data Protection Seal by the EDPB pursuant to Art. 42 (5) GDPR.

The Europrivacy certification mechanism is a general scheme that targets a large range of different processing operations performed by both controllers and processors from various sectors. The scheme includes specific criteria that make it scalable and applicable to specific processing operations or sectors of activity.

This approval is another step towards greater GDPR compliance. Certification under the Data Protection Seal has validity in all EU Member States. It allows different controllers and processors in different countries to achieve the same level of compliance for similar processing operations.

Finally, the EDPB adopted a statement on the digital euro. In its statement, the EDPB reiterates the importance of ensuring privacy and data protection by design and by default in this project.

The EDPB cautions against the use of systematic validation and tracing of all transactions in digital euros. In this respect, the EDPB recommends that the digital euro is made available both online and offline, along a threshold below which no tracing is possible, to allow full anonymity of daily transactions. Finally, the EDPB calls on the European Central Bank and the European Commission to enhance public debate on the digital euro project to ensure it meets the highest standards of privacy and data protection.