EDPB & EDPS issue joint statement on GDPR simplification proposal
09/07/2025 | EDPB
The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) have issued a joint statement concerning the European Commission's draft proposal on the simplification of record-keeping obligations under Article 30(5) of the EU General Data Protection Regulation (GDPR). The EDPB and EDPS support reducing the administrative burden for smaller businesses, provided it does not diminish the fundamental right to data protection.
The EDPB and EDPS welcome the targeted and limited nature of the proposed modifications, noting they do not affect core GDPR principles. However, they stress the importance of proportionality and necessity in simplification, citing the absence of a fundamental rights impact assessment in the proposal.
To avoid misunderstanding, the EDPB and EDPS suggest an amendment to the recitals that would make records of processing mandatory only for high-risk activities covered under Articles 9 and 10 of the GDPR. To this end, they propose rephrasing Recital 10 to ensure that processing for purposes under Article 9(2)(b) would not require record-keeping unless the processing is likely to result in a high risk.
What is this page?
You are reading a summary article on the Privacy Newsfeed, a free resource for DPOs and other professionals with privacy or data protection responsibilities helping them stay informed of industry news all in one place. The information here is a brief snippet relating to a single piece of original content or several articles about a common topic or thread. The main contributor is listed in the top left-hand corner, just beneath the article title.
The Privacy Newsfeed monitors over 300 global publications, of which more than 6,250 summary articles have been posted to the online archive dating back to the beginning of 2020. A weekly roundup is available by email every Friday.