EDPB adopts “wish list” of procedural aspects, first EU data protection seal and a statement on digital euro
The European Data Protection Board (EDPB) adopted a list of aspects in national procedural law that it wishes to see harmonised at EU level to facilitate GDPR enforcement. This “wish list” is one of the key actions set out in the EDPB’s Vienna statement on enforcement cooperation. The list has been sent to the European Commission for its consideration.
The list addresses, among others, the status and rights of the parties to the administrative procedures; procedural deadlines; requirements for admissibility or dismissal of complaints; investigative powers of data protection authorities; and the practical implementation of the cooperation procedure.
Next, the EDPB adopted an Opinion on the approval by the Board of the Europrivacy certification criteria submitted by the Luxembourg data protection authority (DPA). This Opinion marks the approval of the very first European Data Protection Seal by the EDPB pursuant to Art. 42 (5) GDPR.
The Europrivacy certification mechanism is a general scheme that targets a large range of different processing operations performed by both controllers and processors from various sectors. The scheme includes specific criteria that make it scalable and applicable to specific processing operations or sectors of activity.
Finally, the EDPB adopted a statement on the digital euro. In its statement, the EDPB reiterates the importance of ensuring privacy and data protection by design and by default in this project.
The EDPB cautions against the use of systematic validation and tracing of all transactions in digital euros. In this respect, the EDPB recommends that the digital euro is made available both online and offline, along a threshold below which no tracing is possible, to allow full anonymity of daily transactions. Finally, the EDPB calls on the European Central Bank and the European Commission to enhance public debate on the digital euro project to ensure it meets the highest standards of privacy and data protection.