Yesterday, the chair of the European Data Protection Board ("EDPB") published a  statement on the second anniversary of the GDPR coming into force. 

Although the use of personal data in response to COVID-19 has been a key topic recently, it isn't the only one on the EDPB's radar. 

The European Commission will soon publish its review of GDPR implementation, covering international data transfers, which the EDPB has contributed to. 

Importantly, in the EDPB's view it is too soon to consider revising the GDPR, which is welcome news for many organisations. 

Looking forward, the key challenges from the EDPB's perspective include: 

1. resourcing for data protection authorities - resolving cross border cases requires significant time and resources and in the EDPB's view national governments need to fund data protection authorities appropriately; 

2. different national administrative procedural rules - differences in national laws in terms of administrative procedures and practices can create issues, and the EDPB is committed to finding a solution to these challenges. 

GDPR 2 Years On - What's Happened and What's Ahead?

If you would like more information on the key data protection developments since the GDPR came into force (as well as what to expect going forward), please see our article here which provides a summary both at an EU level but also specific developments in the UK, France, Germany, Spain, Italy, Belgium, Netherlands, Sweden and Poland.