On 27 June 2024, the EDPB launched the Standardised Messenger Audit project as part of the Support Pool of Experts program, following a request from the German Federal Data Protection Authority (DPA). Prof. Mathieu Cunche concluded the project in November 2023.
What is a Messenger
A messenger is an application designed for real-time communication through text, multimedia, and other data types. Initially intended for personal use, messengers have become integral tools for business collaboration, necessitating stringent data protection measures to comply with regulations like the GDPR.
Objective
The project’s primary aim is to establish a comprehensive test catalogue of requirements for GDPR-compliant messenger services. This catalogue includes mandatory, recommended, and optional criteria to aid data protection authorities and companies in assessing and improving their products.
Project Deliverables
- D1 – Frontend Requirements: This document presents a structured list of criteria aligned with specific GDPR articles. It covers:
- Mandatory Requirements (MUST): Essential criteria for compliance. They follow the articles of GDPR.
- Recommended Requirements (SHOULD): Strongly advised but not compulsory.
- Optional Requirements (MAY): Suggested practices for enhanced privacy.
- D2 – Audit Methodology: This document outlines the verification methods for the criteria specified in D1, ensuring each requirement can be effectively audited.
👉 Read more here.
♻️ Share this if you found it useful.
💥 Follow me on Linkedin for updates and discussions on privacy, digital and AI education.
📍 Subscribe to my newsletter for weekly updates and insights – subscribers get an integrated view of the week and more information than on the blog.
