The European Data Protection Board (EDPB)
The EDPB is an independent body at European level with its own legal personality. It ensures, first and foremost, the consistent application of data protection rules throughout the European Union (EU).
The EDPB brings together representatives of the national data protection authorities of all EU Member States and of the European Data Protection Supervisor (EDPS). Other members without voting rights are the supervisory authorities of the EEA/EFTA States. The European Commission (COM) is entitled to participate in the deliberations and meetings of the Board without voting rights.
The EDPB’s tasks arise from Art. 70 of the GDPR. The main tasks are:
- to provide general guidance (including guidelines, recommendations and best practices) in order to ensure legal clarity
- to advise the European Commission on any issues related to the protection of personal data and new proposed legislation in the European Union
- to take decisions on cross-border data protection cases in the context of the consistency mechanism
- to promote cooperation and effective exchange of information and best practices among national supervisory authorities
The EDPB specifies these tasks in its strategy (EDPB’s strategy for the years 2024-2027) and in its work programme (Work Programme 2023/2024). The EDPB has sub-groups (expert subgroups) which prepare the Board’s topic-related opinions and decisions. The EDPB and its sub-groups act on the basis of the Rules of Procedure of the EDPB and its guiding principles.
Details of the EDPB’s work and activities will be published in its annual report.
The BfDI is the joint representative for the German data protection authorities in the EDPB.