Recent from talks
European Data Protection Supervisor
Knowledge base stats:
Talk channels stats:
Members stats:
European Data Protection Supervisor
The European Data Protection Supervisor (EDPS) is an independent supervisory authority whose primary objective is to monitor and ensure that European institutions and bodies respect the right to privacy and data protection when they process personal data and develop new policies.
Wojciech Wiewiórowski has been appointed European Data Protection Supervisor (EDPS) by a joint decision of the European Parliament and the Council. Appointed for a five-year term, he took office on 6 December 2019.
Regulation (EU) 2018/1725 describes the duties and powers of the European Data Protection Supervisor (Chapter VI) as well as the institutional independence of the EDPS as a supervisory authority. It also lays down the rules for data protection in the EU institutions.
The duties and powers of the EDPS, as well as the institutional independence of the supervisory authority, are set out in the "Data Protection Regulation". In practice the EDPS' activities can be divided into three main roles: supervision, consultation, and cooperation.
In the "supervisory" role the EDPS' core task is to monitor the processing of personal data in European institutions and bodies. The EDPS does so in cooperation with the data protection officers (DPO) present in each European institution and body. The DPO has to notify the EDPS about any processing operations involving sensitive personal data or likely to pose other specific risks. The EDPS then analyses this processing in relation to the Data Protection Regulation and issues a "prior check" opinion. In most cases, this exercise leads to a set of recommendations that the institution or body needs to implement so as to ensure compliance with data protection rules.
In 2009, for instance, the EDPS adopted more than a hundred prior check opinions, mainly covering issues such as health data, staff evaluation, recruitment, time management, telephone recording performance tools, and security investigations. These opinions are published on the EDPS website and their implementation is followed up systematically. For both 2022 and 2023 the EDPS adopted only a single opinion on a prior consultation.
The implementation of the Data Protection Regulation in the EU administration is also closely monitored by regular stock-taking of performance indicators, involving all EU institutions and bodies. In addition to this general monitoring exercise, the EDPS also carries out on-site inspections to measure compliance in practice.
The supervisory role of the EDPS also involves investigating complaints lodged by EU staff members or any other individual who feels that their personal data have been mishandled by a European institution or body. Examples of complaints include alleged violations of confidentiality, access to data, the right of rectification, erasure of data, and excessive collection or illegal use of data by the controller.
Hub AI
European Data Protection Supervisor AI simulator
(@European Data Protection Supervisor_simulator)
European Data Protection Supervisor
The European Data Protection Supervisor (EDPS) is an independent supervisory authority whose primary objective is to monitor and ensure that European institutions and bodies respect the right to privacy and data protection when they process personal data and develop new policies.
Wojciech Wiewiórowski has been appointed European Data Protection Supervisor (EDPS) by a joint decision of the European Parliament and the Council. Appointed for a five-year term, he took office on 6 December 2019.
Regulation (EU) 2018/1725 describes the duties and powers of the European Data Protection Supervisor (Chapter VI) as well as the institutional independence of the EDPS as a supervisory authority. It also lays down the rules for data protection in the EU institutions.
The duties and powers of the EDPS, as well as the institutional independence of the supervisory authority, are set out in the "Data Protection Regulation". In practice the EDPS' activities can be divided into three main roles: supervision, consultation, and cooperation.
In the "supervisory" role the EDPS' core task is to monitor the processing of personal data in European institutions and bodies. The EDPS does so in cooperation with the data protection officers (DPO) present in each European institution and body. The DPO has to notify the EDPS about any processing operations involving sensitive personal data or likely to pose other specific risks. The EDPS then analyses this processing in relation to the Data Protection Regulation and issues a "prior check" opinion. In most cases, this exercise leads to a set of recommendations that the institution or body needs to implement so as to ensure compliance with data protection rules.
In 2009, for instance, the EDPS adopted more than a hundred prior check opinions, mainly covering issues such as health data, staff evaluation, recruitment, time management, telephone recording performance tools, and security investigations. These opinions are published on the EDPS website and their implementation is followed up systematically. For both 2022 and 2023 the EDPS adopted only a single opinion on a prior consultation.
The implementation of the Data Protection Regulation in the EU administration is also closely monitored by regular stock-taking of performance indicators, involving all EU institutions and bodies. In addition to this general monitoring exercise, the EDPS also carries out on-site inspections to measure compliance in practice.
The supervisory role of the EDPS also involves investigating complaints lodged by EU staff members or any other individual who feels that their personal data have been mishandled by a European institution or body. Examples of complaints include alleged violations of confidentiality, access to data, the right of rectification, erasure of data, and excessive collection or illegal use of data by the controller.
Recent media