---

Data bodies see risks in EU’s GDPR proposals

Europe’s main data-protection bodies say that proposed changes to the GDPR from the European Commission may pose a risk to fundamental data-protection rights. 

The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) were referring to a proposed overhaul of the EU’s digital-rules framework announced last month. 

The proposals include clarification on the definition of ‘personal data’ under the GDPR and the streamlining of rules on cookies.

After a preliminary discussion on the issue yesterday (4 December), the EDPB said: “The EDPB and the EDPS can already underline that the proposed modification of the definition of personal data seems to go further than the recent CJEU case law, and beyond a targeted modification of the GDPR.” 

Fundamental rights 

The two bodies, who are due to issue a joint opinion on the proposals soon, said that they would focus on how the commission’s plans affected the fundamental rights of individuals and whether it would lead to simplification for organisations and more legal certainty. 

They added that they remained committed to finding solutions to make GDPR compliance easier, especially for small organisations. 

The EDPB, which ensures that the GDPR is applied consistently, comprises the heads of Europe’s national data-protection authorities. The EDPS is responsible for data-protection issues linked to the processing of personal data by EU institutions and bodies.