European Union: Adopted EDPB Opinion 2/2023 on the draft decision of the competent supervisory authority of Latvia for accreditation of a code of conduct monitoring body

On 3 February 2023, the European Data Protection Board (EDPB) adopted its Opinion 2/2023 on the draft decision of the Latvian supervisory authority regarding the approval of the requirements for accreditation of a code of conduct (CoC) monitoring body, pursuant to Article 41 of the EU General Data Protection Regulation (GDPR). Article 41 lists requirements for areas that a monitoring body needs to address for accreditation and that all codes (except those covering public authorities) have an accredited monitoring body. The EDPB’s opinion contains its analysis of the Latvian supervisory authority's accreditation requirements for CoC monitoring bodies and suggests some areas for improving the application, including improving the clarity of term definitions for consistency, amendments to demonstrate safeguards to conflicts of interest of a monitoring body, and suggestions to include examples of the financial independence of the monitoring body.