Council adopts regulation to speed up cross-border data protection complaints

Today the Council of the EU adopted new rules to improve cooperation between national data protection bodies when they enforce the General Data Protection Regulation (GDPR) in order to speed up the process of handling cross-border data protection complaints.

The measures adopted will streamline administrative procedures relating to, for instance, the rights of complainants or the admissibility of cases, and thus make enforcement of the GDPR in cross-border cases more efficient.

Key measures of the new EU rules:

• Harmonizing admissibility: Regardless of where in the EU a complaint is filed, admissibility will be judged on the basis of the same information.
• Common rules for rights of complainants and parties under investigation.
• Simple cooperation procedure to avoid administrative burden and to settle actions without resorting to the full set of cooperation rules.
• Deadline for investigations to take not more than 15 months. For the most complex cases it can be extended by 12 months.

Outlook

Today’s adoption by the Council is the final legislative step. The regulation will enter into force 20 days after its publication in the Official Journal of the EU. It will become applicable 15 months after its entry into force.

More detailed information to be found in the Council’s press release of 17 November 2025.