20 Initiatives

Any limitation on the exercise of the fundamental rights to privacy and to the protection of personal data must respect the essence of those rights. Despite the importance of this requirement, limited guidance can be found on how it should be applied in practice. The EDPS will publish a Concept Paper that will offer perspectives on the role that the essence of the rights to the protection of privacy and of personal data could play in EU law.

The EDPS is committed to becoming an employer of choice, offering exciting and rewarding opportunities for talents in the EU. In 2025, our institution plans to boost its learning and development programme to match staff needs and adapt to the ever-transforming digital landscape. Embracing digitalisation helps us eliminate red tape and increase the time devoted to strategic thinking. Advanced technologies will remain at the service of human needs and values and the EDPS will make sure wellbeing and sustainability are embedded in our culture.

“Meet Team EDPS” is an initiative that introduces to the public the faces behind the EDPS: who they are, what they do, and why they are proudly working for the EDPS. The EDPS works to uphold the fundamental rights to privacy and data protection at the highest standards, and this requires high expertise and commitment. Those who make this happen are professionals who work with firm dedication, in a collaborative, vibrant, multicultural environment - all for the benefit of EU citizens, who we want to introduce.

The EDPS will launch a pilot campaign on a subset of EU institutions' (EUIs) websites. This website compliance awareness campaign (WCAC) is an initiative for helping acquire awareness of potential compliance issues, promoted by the EDPS in accordance with Article 57(1) (c) Regulation (EU) 2018/1725 (‘EUDPR’). It aims at supporting controllers in fulfilling their accountability obligations under Article 4(2) EUDPR.

The EDPS will publish a Concept Paper on the use of Artificial Intelligence (AI) in the field of criminal justice and law enforcement in the EU. The Paper will explore from a data protection perspective the legal and practical implications of the increasingly pervasive use of AI systems in the area of freedom, security and justice. It will also identify immediate and short-term priorities for the supervision by the EDPS of the use of AI applications by the EU agencies and offices like Europol, Eurojust and the European Public Prosecutor’s Office.

EU Institutions, Bodies, Offices and Agencies (EUIs) will soon have their own Data Protection Officer (DPO) certification course. In cooperation with the European School of Administration (EuSA), the EDPS will launch a DPO certification programme for EUI’s staff members who wish to join the data protection community. Participants will explore the main principles of EU data protection legislation through general presentations, concrete case studies, and EU case law on privacy and data protection.

To help promote effective enforcement in the digital world, the EDPS will publish a position paper on the future of cross-regulatory cooperation. Building on its experience with the Digital Clearinghouse (2017-2021), this publication will take stock of relevant developments in the EU regulatory sphere, such as the EU Digital Rulebook and landmark rulings of the EU Court of Justice, as well as new multilateral cooperation structures at national level. Relevant stakeholders will be also involved in the discussion.

Data Protection ExPLAINed is a series of 5 videos presenting the core principles of data protection under EU law. The series is a must-see for a general overview of EU data protection law and the implications data protection has on citizens’ every-day lives. Each video illustrates the core principles of data protection through stories about people who overcame specific problems with the help of EU data protection law.

Transparency stands as a cornerstone among the core values of EDPS. It steers the overall approach to our tasks and shapes our demeanour in fulfilling our duties and responsibilities. As we commemorate the 20th anniversary of the EDPS, we aspire to elevate this pledge further to our stakeholders and EU citizens. We will evaluate and disclose previously unreleased documents of the last two decades, starting with the present mandate, thereby fostering openness and accountability.

The EDPS is boosting its commitment to enhancing international capabilities in monitoring technological developments and its capacity to respond to the challenges posed by new technologies to privacy and data protection rights. This initiative focuses on expanding EDPS' capabilities in technology monitoring and foresight while actively promoting cooperation among regulatory authorities and other international stakeholders.

The EDPS and the World Bank will co-host the 2024 edition of the International Organisations Workshop on Data Protection (IOW) on 23 and 24 September 2024 in Washington, D.C. This event will gather International Organisations from all over the world and, for the first time ever, the IOW will be organised outside of Europe. In the year of its 20th Anniversary, this edition of the IOW will underscore the EDPS’ commitment to enhancing the global dimension of this initiative and acting as a catalyst for promoting the implementation of data protection principles worldwide.

This initiative aims to enhance the capability of EUIs’ DPOs and increase their effectiveness through a comprehensive set of actions. These include an enhanced support provided via a dedicated contact point, the organisation of a centralised knowledge database for DPOs, the development of interactive training and the development of common action protocols for DPOs.

The framework for interoperability in Justice and Home Affairs allowing the connection of EU large-scale information systems (databases in the fields of borders, visa, police and judicial cooperation, asylum and migration) will progressively enter into operation as from 2024. This interoperability architecture will lead to the large scale processing of personal data of non-EU nationals, who travel or intend to travel to the EU. The EDPS is preparing to protect the rights of these individuals, by effectively supervising this new framework.

The EDPS is set to launch a campaign to raise EU institutions’, bodies’, offices’ and agencies’ (EUIs) awareness on how to manage personal data breaches. Despite the growing number of cybersecurity incidents affecting personal data, nearly one-third of the EUIs have never notified any personal data breach to the EDPS, whilst one third has only notified 1 or 2 personal data breaches.

Any legislative proposal that implies the processing of personal data must comply with individuals’ right to respect for private and family life and the right to the protection of personal data.  In our role as advisor to the European Commission, European Parliament and Council, the EDPS has developed draft Guidance for co-legislators on the main elements to consider when developing legislative proposals that imply the processing of personal data.

The EDPS is launching a call for applications to support independent research projects on privacy and data protection. Applications are open to individuals who have initiated an independent research project that aims to strengthen the fundamental rights to privacy and the protection of personal data. The EDPS will support the development of the selected research projects by offering its expertise in the areas of law, policy, and technology.

The public's trust in data protection is critically dependent on how well infringements on individuals’ privacy are managed. Traditionally, the EDPS has processed complaints internally, with minimal visibility provided to the EU institutions, bodies, offices and agencies (EUIs) and the wider public.

One of the EDPS’ mission is to promote a strong data protection culture inside the EU institutions, bodies, offices and agencies (EUIs). To achieve this, one of our key task is to carry out audits and inspections, which are crucial to preserve high data protection standards. Traditionally, some audit reports and their executive summaries are shared with the public in annual reports or used for internal evaluations. However, we acknowledge that for us to evolve as a modern, highly efficient organisation, we need to be more transparent in our processes and outcomes.