Regulation (EU) 2018/1725[3] describes the duties and powers of the European Data Protection Supervisor (Chapter VI) as well as the institutional independence of the EDPS as a supervisory authority.

In the "supervisory" role the EDPS' core task is to monitor the processing of personal data in European institutions and bodies.

[6] In most cases, this exercise leads to a set of recommendations that the institution or body needs to implement so as to ensure compliance with data protection rules.

In 2009, for instance, the EDPS adopted more than a hundred prior check opinions, mainly covering issues such as health data, staff evaluation, recruitment, time management, telephone recording performance tools, and security investigations.

The supervisory role of the EDPS also involves investigating complaints[8] lodged by EU staff members or any other individual who feels that their personal data have been mishandled by a European institution or body.

Some recent significant issues to which the EDPS has given special attention include international data transfers,[11] internet governance, rebuilding trust between the EU and the US,[12] eCommunications, cybersecurity, and the future of the area of freedom, security, and justice (Stockholm Programme).

The EDPS and the Working Party have cooperated effectively on a range of subjects, but particularly on the implementation of the Data Protection Directive and on the challenges raised by new technologies.