Standardised Messenger Audit

27 June 2024

The Standardised Messenger Audit project aims at helping to inspect the messenger services used within businesses from a data protection perspective.

The EDPB launched the Standardised Messenger Audit project in the context of the Support Pool of Experts programme at the request of the German Federal Data Protection Authority (DPA).

Project completed by the external expert Prof. Mathieu Cunche in November 2023, who worked closely with the German Federal DPA, which provided significant input and feedback.

Objective

The project provides a test catalogue of mandatory, recommended, and optional requirements which a GDPR-compliant messenger frontend would have to meet. The catalogue may support data protection authorities in their work, but also companies that want to review and improve their product.

The Standardised Messenger Audit project includes two deliverables:

Standardised messenger audit - Frontend requirements 416.5KB

Lejupielādēt file 1

Standardised messenger audit - Audit methodology 1008.7KB

Lejupielādēt file 2

Opinion 23/2024 on the draft decision of the Irish Supervisory Authority regarding the Controller Binding Corporate Rules of the Aptiv Group

11 November 2024

Opinion of the Board (Art. 64)

EDPB response to NATO/SHAPE

7 November 2024

Letters

Statement 5/2024 on the Recommendations of the High-Level Group on Access to Data for Effective Law Enforcement

4 November 2024

Statements

EDPB Report on the first review of the European Commission Implementing Decision on the adequate protection of personal data under the EU-US Data Privacy Framework

4 November 2024

Other

Report on Article 36 alerts of Schengen Information System decision

21 October 2024

CSC Documents

The members of the Schengen Information System II Supervision Coordination Group (SIS II SCG) and the Coordinated Supervision Committee (CSC) conducted a coordinated inspection activity concerning the Schengen Information System (SIS). The SIS is the most widely used and largest information sharing system for security and border management in Europe.

Within the scope of the inspections, the alerts and procedures with regard to Article 36 of the SIS II Decision were checked, as there has been a Europe-wide increase in the number of alerts in this alert category. In order to achieve comparable results, a questionnaire was developed by the SIS SCG and used by the Member States for their inspections.

The results indicated various differences between the nineteen Member States which took part in the coordinated inspection activity, enabling the CSC to draw conclusions and to recommend the necessary measures with regard to the documentation of the alerts, their quality, the time limits and retention period, as well as substantive and technical issues.