EDPB publishes annual report 2025
The European Data Protection Board (EDPB) has released its Annual Report for 2025, outlining significant developments in data protection across the European Union. The report highlights the continued enforcement of the General Data Protection Regulation (GDPR) and the increasing number of cross-border cases handled by the EDPB. This reflects the growing importance of data privacy and the commitment of EU authorities to uphold citizens’ rights in an evolving digital landscape.
In 2025, the EDPB focused on enhancing cooperation between national data protection authorities to ensure consistent application of GDPR rules. Over 1,200 cross-border cases were processed, demonstrating a robust mechanism for addressing complex data protection issues that affect multiple member states. This cooperation has helped to clarify regulatory expectations for businesses operating in the EU, providing greater legal certainty and promoting compliance.
The report also emphasizes the role of the EDPB in guiding organizations through the challenges posed by new technologies, such as artificial intelligence and big data analytics. By issuing guidelines and recommendations, the EDPB supports companies in implementing data protection by design and default, which is essential to maintain trust and protect individuals’ personal data. This proactive approach aims to prevent violations and reduce the risk of penalties.
Financially, the report notes that fines imposed for GDPR breaches in 2025 amounted to approximately €300 million, underlining the serious consequences of non-compliance. The EDPB continues to prioritize transparency and accountability, encouraging organizations to adopt best practices and respect the fundamental rights of data subjects. Overall, the 2025 Annual Report reflects a strong commitment to safeguarding privacy and promoting a secure digital environment in the EU.
