European Data Protection Board holds October plenary session

October 11, 2022

The EDPB has held its October plenary session.

Wish list of changes to national procedural law

During that meeting, it set out a list of provisions of national procedural law that it wishes to see harmonised at EU level to facilitate GDPR enforcement. This “wish list” is one of the key actions set out in the EDPB’s Vienna statement on enforcement cooperation. The EDPB has sent the list to the European Commission for its consideration.

The list addresses, among other things, the status and rights of the parties to the administrative procedures; procedural deadlines; requirements for admissibility or dismissal of complaints; investigative powers of data protection authorities; and the practical implementation of the cooperation procedure.

European Data Protection Seal

The EDPB also adopted an Opinion on the approval by the Board of Europrivacy certification criteria which were submitted by the Luxembourg data protection authority. This is the first European Data Protection seal by the EDPB under Article 42 (5) of the GDPR.

The Europrivacy certification mechanism is a general scheme that targets a large range of different processing operations performed by both controllers and processors from various sectors. The scheme includes specific criteria that make it scalable and applicable to specific processing operations or sectors of activity.

The EDPB says that this approval is another step towards greater GDPR compliance. Certification under the Data Protection Seal is valid in all EU member states. It allows different controllers and processors in different countries to achieve the same level of compliance for similar processing operations.

Digital Euro

Finally, the EDPB adopted a statement on the digital euro. In its statement, the EDPB reiterates the importance of ensuring privacy and data protection by design and by default in this project.

The EDPB cautions against the use of systematic validation and tracing of all transactions in digital euros. In this respect, the EDPB recommends that the digital euro is made available both online and offline, along a threshold below which no tracing is possible, to allow full anonymity of daily transactions. Finally, the EDPB calls on the European Central Bank and the European Commission to enhance public debate on the digital euro project to ensure it meets the highest standards of privacy and data protection.