惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

D
Docker
Simon Willison's Weblog
Simon Willison's Weblog
H
Help Net Security
F
Fortinet All Blogs
H
Heimdal Security Blog
S
Schneier on Security
L
LangChain Blog
博客园 - Franky
酷 壳 – CoolShell
酷 壳 – CoolShell
NISL@THU
NISL@THU
P
Palo Alto Networks Blog
J
Java Code Geeks
博客园 - 【当耐特】
The Last Watchdog
The Last Watchdog
W
WeLiveSecurity
www.infosecurity-magazine.com
www.infosecurity-magazine.com
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
V
Vulnerabilities – Threatpost
I
InfoQ
Recorded Future
Recorded Future
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
C
CERT Recently Published Vulnerability Notes
T
Tenable Blog
腾讯CDC
C
Check Point Blog
量子位
M
MIT News - Artificial intelligence
GbyAI
GbyAI
罗磊的独立博客
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
B
Blog
小众软件
小众软件
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
C
CXSECURITY Database RSS Feed - CXSecurity.com
Stack Overflow Blog
Stack Overflow Blog
P
Proofpoint News Feed
P
Privacy & Cybersecurity Law Blog
V2EX - 技术
V2EX - 技术
T
Threatpost
Engineering at Meta
Engineering at Meta
Attack and Defense Labs
Attack and Defense Labs
T
Tailwind CSS Blog
S
Securelist
The Cloudflare Blog
博客园 - 叶小钗
L
LINUX DO - 最新话题
T
Troy Hunt's Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
爱范儿
爱范儿

EDPB News

EDPB requires Belgian DPA to handle the merits of NOYB cookie banner complaint EDPB sheds light on anonymisation and web scraping for generative AI and adopts final version of guidelines on blockchain EDPB and AMLA to develop Joint Guidelines on partnerships for information sharing One-Stop-Shop case digest on right to object and right to erasure updated Supporting GDPR consistency: EDPB launches dedicated form EDPB gets a new look: discover the new website and brand identity Coordinated Supervision Committee extends scope to include Eurodac Coordinated Supervision Committee extends scope to include Eurodac EDPB meets with EU Commissioner McGrath and adopts common data breach notification template EDPB meets with EU Commissioner McGrath and adopts common data breach notification template The Italian SA imposed a 40 000 EUR fine on a company for violating the confidentiality of a employee's email account after the end of his employment The Italian SA fined Poste Vita for data breach Imposition of fine on a telecommunications company for violations of data subject’s rights The Italian Supervisory Authority fined a company 120 000 EUR for tracking five employees who drove company cars Italian SA fines a company for post-sick leave questionnaires The Italian Supervisory Authority has fined Verisure Italia for unlawful processing of personal data for direct marketing purposes EDPB and EDPS support strengthening EU’s cybersecurity and easing compliance while protecting individuals’ personal data Europe Day 2026: let’s celebrate together Marking 10 years of the GDPR: the evolution of the European data protection landscape Stakeholder event on competition and data protection: save the date Stakeholder event on competition and data protection EDPB brings clarity to data processing for scientific research, speeds up the finalisation of the anonymisation guidelines and approves first European data protection seal as a tool for transfers Enhancing compliance and consistency: EDPB adopts DPIA template EDPB conference on cross-regulatory cooperation: what we learned CEF 2026: EDPB launches coordinated enforcement action on transparency and information obligations under the GDPR EDPB and EDPS support strengthening EU’s cybersecurity and easing compliance while protecting individuals’ personal data EDPB and EDPS support harmonisation of clinical trials under European Biotech Act, but call for specific safeguards for sensitive health data Stakeholder event on political advertising: agenda available now Conference on cross-regulatory cooperation in the EU (17 March) - Programme available now AI-generated imagery and protection of privacy: EDPB supports joint Global Privacy Assembly’s statement EDPB identifies challenges hindering the full implementation of the right to erasure Making GDPR compliance easier through new initiatives: a key focus of the EDPB work programme 2026-2027
EDPB annual report 2025: supporting stakeholders through guidance and dialogue
2026-04-09 · via EDPB News

Brussels, 09 April - The European Data Protection Board (EDPB) has published its 2025 Annual Report. The report provides an overview of the EDPB work carried out in 2025 and reflects on important milestones, such as the adoption of the Helsinki Statement on Enhanced Clarity, Support, and Engagement.

“In 2025, we saw the data protection landscape change significantly. The rapid expansion of the EU’s digital regulatory framework has added complexity to the data protection ecosystem. To help organisations navigate this complexity and support compliance, the EDPB focused on enhancing legal certainty, making compliance more achievable in practice, and strengthening cooperation, both among Data Protection Authorities and with other regulators. 

We also prioritised meaningful dialogue with stakeholders to ensure our work reflected real-world needs.

Our achievements support economic growth while continuing to protect individuals’ fundamental rights to privacy and data protection.”

EDPB Chair, Anu Talus

The Helsinki’s statement initiatives leading the way

In 2025, the EDPB worked actively to address the demand for regulatory simplification to support innovation and economic growth, while ensuring the protection of individuals’ personal data. 

With this in mind, the Board adopted the Helsinki Statement on Enhanced Clarity, Support, and Engagement, which outlines new initiatives to make GDPR compliance easier, strengthen consistency, enhance the dialogue and improve transparency with stakeholders and boost cross-regulatory cooperation.  

For example, the Board launched a public consultation to ask organisations which templates would be most useful, organised several stakeholder events to consult organisations on upcoming guidelines and systematically published reports on stakeholder input. 

Easing compliance for organisations and providing legal advice

In the context of ongoing discussions on regulatory simplification at EU level, the EDPB actively contributed to legislative initiatives aimed at reducing administrative burden and streamlining requirements. The Board adopted a joint opinion with the European Data Protection Supervisor (EDPS) on the Commission’s Proposal for a Regulation amending certain regulations, including the GDPR. 

In addition, the Board held important discussions on this matter during plenary meetings, which subsequently informed the  EPDB/EDPS joint opinions on the Commission’s proposals on the Digital Omnibus and on the Digital Omnibus on AI adopted at the beginning of 2026.

The Board also delivered five adequacy-related opinions concerning United Kingdom, Brazil and the European Patent Organisation (EPO). 

In addition, the Board adopted Recommendations on the legal basis for requiring the creation of user accounts on e-commerce websites, and Recommendations on the 2027 WADA World Anti-Doping Code upon request from the Commission.

Strengthening cross-regulatory cooperation

Cross-regulatory cooperation was a key focus for the EDPB last year. The EDPB worked together with the European Commission to clarify how data protection and digital laws interact and to address legal and practical challenges in cross-sectoral cases.

In 2025, the EDPB adopted its first set of joint guidelines with the Commission on the interplay between the Digital Markets Act (DMA) and the GDPR. The Board also worked with the Commission on joint guidelines on the interplay between the AI act and EU data protection laws for adoption in 2026. 

In addition, the EDPB adopted guidelines on the interplay between the Digital Services Act (DSA) and the GDPR.

Placing stakeholders at the heart of the EDPB work

In 2025, a public consultation was launched on the joint guidelines with the Commission on the DMA and the GDPR. The Board has also organised public consultations on the EDPB guidelines on DSA and GDPRblockchain technologies, pseudonymisation and on the recommendations on the legal basis for requiring the creation of user accounts on e-commerce websites.

In addition, in line with the Helsinki statement’s objectives to make GDPR compliance easier, the EDPB organised a public consultation to understand which templates organisations consider would be most useful for them (e.g. privacy notice template, record of processing activities template, etc.).

In December 2025, a stakeholder event on anonymisation and pseudonymisation took place, which was followed by a  report on the input collected during the event. 

Promoting high standards of data protection worldwide

In line with its Strategy 2024-2027, the EDPB continued to engage with the international community to promote a high level of data protection and to ensure effective protection of personal data beyond EU borders. To this end, the Board participated in international fora such as the G7 Data Protection Authorities Roundtable and the Global Privacy Assembly.

In December 2025, the EDPB also held online the second meeting with Commissioners and representatives of Data Protection Authorities (DPAs) from the countries and the organisation with an EU adequacy decision.

Providing guidance and ensuring consistency 

In 2025, three new set of guidelines focusing on pseudonymisation, blockchains technologies and on the DSA and the GDPR, and guidelines following public consultation on data transfers to third country authorities were adopted. 

29 Art. 64(1) GDPR opinions were adopted, reflecting the Board’s continued commitment to promoting harmonisation.

Supporting consistent and effective enforcement 

Strengthening cooperation among DPAs was another key priority in 2025. This took place through multiple instruments aimed at facilitating joint actions and knowledge-sharing, including the Coordinated Enforcement Framework (CEF), the Support Pool of Experts (SPE) and dedicated taskforces. 

The Board contributed to improving cross-border cooperation, supporting DPAs in handling complex cases and ensuring alignment in enforcement practices. In 2025, 414 cross-border cases were created in the EDPB’s case register, and 1299 procedures related to the One-Stop-Shop (Art. 60 GDPR) were triggered, out of which 572 let to final decisions.

Finally, at national level DPAs issued a total of €1,15 bn worth in fines.