EDPB Meeting on Age Assurance, AI Taskforce, and WADA Code

Hunton Andrews Kurth’s Privacy and Cybersecurity

Email

212 309 1223 direct

Bio and Articles

Find Your Next Job !

Family/Matrimonial Law Attorney
On Balance Search Consultants

Matrimonial Attorney
On Balance Search Consultants

Explore More Job Openings

EDPB Adopts Statement on Age Assurance, Creates AI Taskforce and Gives Recommendations at Latest Plenary Meeting

by: Hunton Andrews Kurth’s Privacy and Cybersecurity of Hunton Andrews Kurth - Privacy and Information Security Law Blog-Hunton Andrews Kurth

Tuesday, February 18, 2025

Print Mail Download info_icon_img

/>i

The European Data Protection Board (“EDPB”) held its latest plenary meeting on February 12, 2025. During this meeting, the EDPB: (i) adopted a statement on age assurance (the “Statement”); (ii) decided to create a taskforce on artificial intelligence (“AI”) enforcement; and (iii) adopted Recommendations 1/2025 on the 2027 World Anti-Doping Agency (“WADA”) World Anti-Doping Code (the “Recommendations”).

Through the Statement, the EDPB intends to provide specific guidance that should be taken into consideration when personal data is processed in the context of age assurance. The Statement contains ten principles that “seek to reconcile the protection of children and the protection of personal data in the context of age assurance.” The Statement is focused on how such principles apply to different online use cases and when a duty of care to protect children exists. The principles are:

Full and effective enjoyment of rights and freedoms.
Risk-based assessment of the proportionality of age assurance.
Prevention of data protection risks.
Purpose limitation and data minimization.
Effectiveness of age assurance.
Lawfulness, fairness and transparency.
Automated decision-making.
Data protection by design and by default.
Security of age assurance.

With regards to the taskforce, the EDPB made the decision to extend the scope of the existing ChatGPT taskforce to include AI enforcement.

In October 2024, the European Commission requested that the EDPB, pursuant to Article 70(1)(e) of the EU General Data Protection Regulation (“GDPR”), assess the compatibility of the WADA World Anti-Doping Code (the “Code”) and the corresponding International Standards with the GDPR. The Recommendations include the result of this assessment. The Code aims at harmonizing anti-doping policies, rules and regulations internationally and is supplemented by the eight International Standards, one of which is data protection. The Recommendations address key principles of data protection, including the roles of controller and processor, the need to identify an appropriate legal basis for the processing of personal data, ensuring that personal data is processed for specified, explicit and legitimate purposes and data subject rights.