Data protection rules protect privacy and prevent personal information from misuse. When the general data protection regulation (GDPR) came into force in 2018, it strengthened the role of data protection authorities. These supervisory bodies are the key enforcers of the fundamental right of protection of personal data. This report analyses the challenges they face in the GDPR implementation. The findings complement the European Commission’s forthcoming evaluation of the GDPR.
Recommendations 2/2025 on the legal basis for requiring the creation of user accounts on e-commerce websites
The EDPB clarifies that mandatory user accounts are only lawful under the GDPR when they are strictly necessary and respect […]