European Union: European Data Protection Board adopted report highlighting regulatory activities, enforcement actions, and guidance outputs

On 9 April 2026, the European Data Protection Board (EDPB) published its annual report 2025. The report covers the EDPB's activities during the year, including the adoption of guidelines on pseudonymisation, blockchain technologies, and the interplay between the General Data Protection Regulation (GDPR) and other digital legislation, including the Digital Services Act and Digital Markets Act. It also highlights opinions on adequacy decisions for the United Kingdom, Brazil, and the European Patent Organisation. The report includes enforcement actions of organisations across the European Economic Area, with enforcement data covering 30 jurisdictions and total fines of over EUR 1.14 billion issued by national data protection authorities during the year. It also documents progress under the Helsinki statement on enhanced clarity, support and engagement, the coordinated enforcement action on the right to erasure, and the work of the support pool of experts on Artificial Intelligence (AI) and data protection. It was also stated that the report will be followed by a series of deliverables in 2026, including a data protection impact assessment template, a common data breach notification template, and joint guidelines on the interplay between the AI Act and data protection law.