Strong cooperation in view of the upcoming challenges!


The 52nd meeting between the EDPS and the Data Protection Officers (DPO) network of the EU institutions, bodies, offices and agencies (EUIs) took place on 12 May 2023, hosted by the European Union Intellectual Property Office (EUIPO), in Alicante.

At the EDPS, we attach enormous importance to these bi-annual meetings with the DPO network, as these allow us to enhance our fruitful cooperation, and to acknowledge the efficient and hard work of the DPOs of the EUIs over the years. DPOs are the true guardians of data protection in practice, their invaluable work builds the bridge between organisations and citizens. Individuals lie at the heart of data protection, and therefore safeguarding their fundamental rights by fostering trust can only be achieved through unwavering compliance with the EU's legal framework.

Following extensive demand from the DPOs, the EDPS decided to dedicate a session of the meeting to the complex issue of international transfers of personal data. Assisted by the DPO Support Group, the EDPS invited the DPOs to participate in a hands-on case study where different scenarios were presented, and different solutions were explored. At the EDPS, we are really thrilled by the excellent discussions and cooperation with the network. The aim of the workshop was to empower DPOs with additional tools to efficiently handle upcoming challenges and solve ongoing issues.

Apart from the valuable role of the DPO Support Group, I was particularly delighted that we dedicated time to exchange on the DPOs’ experiences of cooperating with the EDPS. The DPOs were invited to share both positive things and areas where there is room for improvement, based on their experience and wishes for the future. This discussion was to a certain extent a novelty, triggered by a perceived need to do even more in terms of cooperation.

The final session focused on our pilot project Nextcloud and the use of Open Source Software and our alternative social media pilot project EU Voice and EU Video, powered by the free Mastodon and Peertube software. The presentation and the following discussion demonstrated the importance of exploring privacy-friendly alternatives in this field as a step towards digital sovereignty. There is no doubt that there are challenges when it comes to implementing these alternatives in the EUIs. However, cooperation between EUIs is key to succeed in such a process. More extensively, the challenges posed by technological developments based on massive data processing such as AI systems request legislators and regulators to focus on potential disruptive consequences for the lives of individuals, especially the most vulnerable. EUIs have the chance to play a unique role to pave the way to a more sustainable approach to the use of technology.

For that reason, I also wanted to highlight the upcoming role of the EDPS as the EUIs’ supervisor for AI systems and I encouraged all DPOs to reflect on how the use of these AI systems will intensify inside their organisations, since many of them might become contact points with the EDPS for his extended powers.

I want to close this blogpost noting that this year the GDPR is turning into a toddler. We are ready to celebrate the 5th anniversary with an event co-organised with the German Federal Commissioner for Data Protection and Freedom of Information (BfDI), and the Bavarian Data Protection Commissioner on 23 May 2023. I believe that after the success of the EDPS conference of last year on the topic of the future of data protection and the effective enforcement in the digital world, we resolutely need to continue our reflection on the practical functioning and enforcement within the digital rulebook.

The result of today’s intensive discussion and cooperation will undoubtedly determine our common successes and pave the way for the next years.