Skip to content
FRIDAY, JULY 17, 2026
Policy & Governance

EDPB presses Commission for legal route to share confidential enforcement data across EU regulators

By Jordan Vale2 min read
EDPB presses Commission for legal route to share confidential enforcement data across EU regulators

Image / edpb.europa.eu

Dublin meeting also focused on pooling DPA resources, joint operations and more consistent GDPR enforcement as AI-driven complaints strain authorities.

The European Data Protection Board has urged the European Commission to create a clear legal basis allowing regulators in different EU policy areas to share enforcement information, including confidential material.

The call came after a high-level EDPB meeting in Dublin on 16 and 17 July. The Board said regulators increasingly need to cooperate across adjacent areas of EU law, but stronger legislation is needed to remove barriers to information sharing and improve enforcement outcomes.

The request matters for technology companies facing scrutiny that can span data protection and other digital regulatory regimes. A new legal mechanism could make it easier for authorities with separate mandates to exchange evidence, complaints data or other confidential information when pursuing related enforcement work.

The EDPB did not specify the legal instrument it wants the Commission to propose, what safeguards it would include, or whether the Commission has agreed to act. No proposal timetable was announced.

The Board also discussed steps to make GDPR enforcement more consistent across member states. Data protection authorities said complaint volumes and case complexity have increased, in part because of wider AI use, while resource constraints limit their ability to exercise GDPR powers efficiently.

For cross-border cases, the authorities discussed practical cooperation measures, including allowing a complaint-receiving authority to make resources available to the lead supervisory authority where useful. DPAs also plan workshops on enforcement procedures and national practices, including work connected to the upcoming GDPR Procedural Regulation.

The EDPB said greater use of joint operations could help authorities pool resources and conduct enforcement actions more efficiently. It expects information sharing and joint operations to support more consistent enforcement, stronger protection for individuals and greater regulatory certainty for industry.

For compliance leaders, the immediate change is limited: the Board’s statement does not create a new information-sharing power or alter GDPR obligations. But it signals that EU regulators want fewer operational barriers when investigations overlap across jurisdictions or regulatory domains.

The enforcement direction is clear. Companies should expect continued pressure for faster, more coordinated handling of large cross-border GDPR cases, particularly where many individuals may be affected. The scope of any future cross-regulatory information-sharing regime remains uncertain until the Commission sets out a specific legislative proposal.

Sources & methodology
  1. EDPB calls for legal basis for cross-regulatory information sharing
    edpb.europa.eu / Primary / Published JUL 17, 2026 / Accessed JUL 17, 2026

Newsletter

The Robotics Briefing

A daily front-page digest delivered around noon Central Time, with the strongest headlines linked straight into the full stories.

No spam. Unsubscribe anytime. Read our privacy policy for details.