EDPB Urges Greater Harmony Between Digital Laws & GDPR Amid Growing Regulatory Demands

The European Data Protection Board (EDPB) is calling for more coherence between the General Data Protection Regulation (GDPR) and the increasingly complex web of new digital legislation coming out of the EU. In a statement released after its December 2024 plenary session, the EDPB welcomed the European Commission’s second report on the GDPR’s application and emphasized the importance of aligning digital laws with the GDPR to maintain legal certainty.

While the EDPB acknowledged the positive impact of the GDPR, including empowering individuals with greater control over their personal data, it also pointed to the challenges presented by newer regulations like the Artificial Intelligence (AI) Act and the Digital Services Package. According to the EDPB, ensuring that these new laws align with the GDPR is essential for avoiding confusion and maintaining clarity across the digital landscape.

“We need a clear, consistent approach to how the GDPR interacts with new digital laws,” said Anu Talus, Chair of the EDPB. “This isn’t just about regulatory consistency—it’s about making sure that businesses and individuals can navigate the digital world without the fear of conflicting rules.”

The EDPB emphasized that its ongoing work aligns with its Strategy 2024-2027, which focuses on fostering better cooperation between data protection authorities (DPAs) and other regulatory bodies. One key area of focus is developing practical guidelines to ensure that the GDPR and emerging laws like the EU AI Act work hand in hand, rather than causing confusion for businesses, regulators, or consumers.

The Board also addressed the increasing demand for accessible information, particularly for non-experts and small and medium-sized enterprises (SMEs), and promised to ramp up efforts to produce content that can help these groups navigate complex regulatory waters.

However, with growing challenges comes a clear need for more resources. The EDPB highlighted the importance of additional financial and human resources to help data protection authorities manage the increasing complexity of cross-border cases and enforcement activities.

“We’re seeing more cross-border cases, and the complexities of regulating emerging technologies require us to be more agile and efficient,” Talus added. “This means we need the right resources in place to keep up with the demand.”

The EDPB also echoed concerns raised by the Fundamental Rights Agency (FRA) about the independence of supervisory authorities, urging the Commission to further assess the situation in light of some of the challenges faced by DPAs across member states.

As Europe continues its digital transformation, the need for regulatory clarity, cooperation, and sufficient resources has never been more pressing. The EDPB’s work in fostering cross-regulatory cooperation and offering practical guidelines will be key to ensuring that the GDPR remains the bedrock of EU data protection in an ever-evolving digital world.

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.