The European Data Protection Board (EDPB) published on Valentine's Day 2023 its working program for the next two years. Organizations (EU and non-EU) that are dealing with EU GDPR (#DataProtection) compliance should have this agenda on the radar when determining their own data strategy for next years.
These are the most important topics:
Data breaches, children data, data subject rights, use of social media by government bodies, health data, international adequacy decisions, BCRs, anonymization/pseudonymization, AI Act vs. GDPR, telemetry usage data and harmonized enforcement.
Most topics are not really surprising.
I would have expected also focus on adtech and had hoped for stronger guidance to finally solve the burdensome data transfers topic, especially in cloud situation, and also a stronger focus on AI related topics. Use of social media by government bodies looks like a cautious approach that, however, will give indirect guidance also to private organizations.