When data relate to us
The EDPS vs. Single Resolution Board judgment goes to the heart of the EU’s fundamental right to data protection, shaping how artificial intelligence, data spaces and so-called privacy-enhancing technologies (PETs) will be governed in practice. The ruling of the Court of Justice of the European Union (CJEU) arrives at a crucial time to reiterate what counts as personal data, reinforcing the importance of the protection that the GDPR was designed to guarantee.
Filter resources
-
When data relate to us
The EDPS vs. Single Resolution Board judgment goes to the heart of the EU’s fundamental right to data protection, shaping how artificial intelligence, data spaces and so-called privacy-enhancing technologies (PETs) will be governed in practice. The ruling of the Court of Justice of the European Union (CJEU) arrives at a crucial time to reiterate what counts as personal data, reinforcing the importance of the protection that the GDPR was designed to guarantee.
Read more
-
Press Release: Commission’s Digital Omnibus is a major rollback of EU digital protections
Today the European Commission has published two Digital Omnibus proposals, reopening the EU’s core protections against harm in the digital age. This step risks dismantling the rules-based system that was hard-won over decades, endangering the very foundation of human rights and tech policy in the EU.
Read more
-
Why the Digital Omnibus puts GDPR and ePrivacy at risk
On 19 November, the European Commission has published two Omnibus proposals: one that rewrites key parts of the General Data Protection Regulation (GDPR) and ePrivacy rules, along with other data-related laws, and another that amends the AI Act. This article focuses on the first proposal. It explains how the changes would weaken core rights to data protection and the confidentiality of communications, and why the combined effect risks reshaping long-standing safeguards for people in the EU.
Read more
-
Budget cuts incapacitate Austrian DPA: NGOs complaint to the EU Commission
Despite its growing responsibilities, the Austrian Data Protection Authority continues to be impaired by budget cuts. epicenter.works and noyb are filing a complaint with the European Commission about Austria not fulfilling its obligations of sufficiently funding its data protection authority and leaving millions of Austrians to deal with consequences of limited access to the fundamental right to data protection.
Read more
-
A Privacy Nightmarе: Understanding Spyware, a new book by SHARE Foundation
SHARE Foundation’s new book ‘A Privacy Nightmare: Understanding Spyware’ examines spyware through technical, legal, and practical lenses, offering a systemic understanding of its threats and reinforcing the call for a global ban.
Read more
-
ProtectNotSurveil coalition raises alarm about EU’s Frontex expansion plans
The European Commission is set to reform Frontex’s mandate again in 2026. Frontex is the European Border and Coast Guard agency. Responding to the consultation call, the ProtectNotSurveil coalition highlights how reckless the expansion of Frontex’s surveillance capacities would be and how the Commission’s foreseen plans go in the opposite direction of what migrants and affected communities are calling for.
Read more
-
Consultation response to the European Commission’s call for evidence on a new Europol regulation
The European Commission launched a call for evidence to gather views on the reform of Europol’s mandate. Europol is the EU law enforcement cooperation agency. EDRi along with Resist Europol coalition members submitted a response to the consultation, sharing their concerns about this renewed expansion of powers, despite Europol’s numerous issues around opacity and lack of accountability.
Read more
-
EDRi warns against GDPR ‘simplification’ at EU Commission dialogue
On 16 July 2025, EDRi participated in the European Commission’s GDPR Implementation Dialogue. We defended the GDPR as a cornerstone of the EU’s digital rulebook and opposed further attempts to weaken it under the banner of ‘simplification’. The discussion was more divided than the official summary suggests.
Read more
-
Undermining the GDPR through ‘simplification’: EDRi pushes back against dangerous deregulation
EDRi has responded to the European Commission’s consultation on the GDPR ‘simplification’ proposal. The plan to remove documentation safeguards under Article 30(5) risks weakening security, legal certainty and rights enforcement, and opens the door to broader deregulation of the EU’s digital rulebook.
Read more
-
Joint civil society response to the Commission’s call for evidence: Impact assessment on data retention by service providers for criminal proceedings
Last week, the EDRi network expressed shared concerns about the introduction of new rules at EU level on the retention of data by service providers for law enforcement purposes.
Read more
-
Data flows and digital repression: Civil society urges EU to reassess Israel’s adequacy status
On 24 June 2025, EDRi, Access Now and other civil society organisations sent a second letter to the European Commission, urging it to reassess Israel’s data protection adequacy status under the GDPR. The letter outlines six categories of concerns linking Israel’s data practices to escalating human rights violations in Gaza and the West Bank.
Read more
-
Open Letter: Reopening the GDPR is a threat to rights, accountability, and the future of EU digital policy
121 civil society organisations, academics, companies and other experts, including EDRi, are concerned about the proposals to reopen the General Data Protection Regulation (GDPR). They are calling on the European Commission to protect people’s rights and dignity in a data-driven world by reaffirming the GDPR as the cornerstone of EU’s digital law and supporting its rigorous enforcement.
Read more