On 02 September 2020, the EDPB adopted guidelines on the concepts of data controller and data processor under the GDPR as well as on user targeting by social media. The guidelines will be subject to public consultation.

The EDPB also created a working group charged with examining the complaints filed after the CJEU’s Schrems II decision, and issuing recommendations on the appropriate additional measures to put into place to ensure the protection of personal data in transfers to third countries.

To learn more and identify measures that can be put into place today, see: