European Union: European Data Protection Board released Data Brokers Market Study

On 4 March 2026, the European Data Protection Board (EDPB) released the Data Brokers Market Study, commissioned by the Belgian Supervisory Authority (BE SA) through the EDPB Support Pool of Experts Programme. The study identified data brokers and data providers with a presumed main establishment in Belgium, as defined under Article 4(16)(a) of the General Data Protection Regulation (GDPR). It established a working definition of a data broker and a set of selection criteria based on Article 4(1) GDPR, covering the collection of data from multiple sources, processing to develop consumer profiles, monetisation, and the absence of meaningful control by individuals. A three-step methodology was applied, comprising a literature review, a search strategy using NACEBEL codes and keyword-based online searches, and a selection process. Eight types of data brokers and data providers were identified: personal data brokers, AI platforms integrating personal data, business data brokers, data pools and cleanrooms, data marketplaces, self-generated data providers, data brokers with user control, and aggregated data providers with re-identification risk. More than 40 data brokers and providers active in Belgium were identified.