Accessibility Tools

Welcome to the web page of the EDPS Data Protection Officer

In common with all other European institutions, the EDPS is subject to specific legal obligations concerning the protection of personal data. These obligations are laid down in the Data Protection Regulation (Regulation (EC) No 45/2001).

Apart from specifying the legal principles governing the processing of personal data by the EU administration, the Regulation provides that each European institution or body must appoint at least one person as a Data Protection Officer ("DPO").

The main task of the DPO is to ensure, in an independent manner, the internal application of the provisions of the Regulation in his/her institution. The DPO is also required to keep a register of all of the processing operations involving personal data carried out by the institution. The Register, which must contain information explaining the purpose and conditions of the processing operations, should be accessible to any interested person.

The role of DPO at the EDPS presents many challenges: being independent within an independent institution, meeting the high expectations of colleagues who are particularly aware and sensitive about data protection issues, and delivering solutions that can serve as benchmarks for other institutions. The implementing rules reflect these specificities, while taking into account both the EDPS Position paper and the DPOs Network's Paper on Professional Standards for Data Protection Officers.


 Massimo Attoresi  

 Data Protection Officer



  • 27 November 2015

    Giovanni Buttarelli awarded Premio Dona 2015 for his commitment to protecting privacy of European consumers, Rome, Italy

  • 19 November 2015
    Finishing line in sight for the GDPR: the devil is in the details, W. Wiewiórowski, Assistant EDPS, in the panel debate with Jan Philipp Albrecht, MEP. Watch the video.
  • 19 November 2015

    EDPS encourages a new debate on Big Data. Read our Opinion and the press release.

  • 17 November 2015
    We are in mourning for the victims and families of the horrific terrorist attacks in Paris. These attacks are against us all and we stand united.
  • 13 November 2015

    Finishing line in sight for the GDPR: the devil is in the details
    – W. Wiewiórowski in the live panel debate at 11:00 CET on 13 November 2015. Watch the web streaming.
  • 26 November 2015
    The Industrial Internet Era, Brussels, Belgium, Wojciech Wiewiórowski takes part in panel Cybersecurity, Privacy and the Industrial IoT
  • 17 November 2015
  • 10 November 2015

    Information Security Solutions Europe Conference, Berlin, Germany, ...

  • 05 November 2015

    DPO meeting
    hosted by ENISA, Athens, Greece, Giovanni Buttarelli and Wojciech Wiewiórowski participate in ...
  • 26 October 2015

    37th International Privacy Conference, Amsterdam, The Netherlands, Giovanni Buttarelli and Wojciech Wiewiórowski attend ...

  • 16 October 2015

    The Borderline Between Cybersecurity and Individual Freedoms, 7th Semi-Annual ENAM Conference, Vilnius, Lithuania, keynote speech by Giovanni Buttarelli