The European Data Protection Board (EDPB) last month launched a new website auditing tool to help organizations and authorities assess compliance with the General Data Protection Regulation (GDPR).

The free and open-source tool simplifies the process for both data protection authorities (DPAs) and website owners.

This user-friendly tool empowers legal and technical auditors at DPAs to efficiently conduct website audits. Additionally, website controllers and processors can utilize it to proactively evaluate their own compliance.

The tool facilitates the entire audit process directly within its interface. Users can initiate, conduct, and analyze audits simply by visiting the website in question. Additionally, it seamlessly integrates with other tools like the EDPS website evidence collector, allowing for importing and evaluating results from various sources.

Recognizing the technical complexities of existing website auditing tools, the EDPB prioritized ease of use. This tool aims to streamline enforcement efforts by DPAs and empower website owners to take charge of their GDPR compliance.

Developed by an expert from the EDPB Support Pool of Experts (SPE), the tool was presented and received positive feedback at the first EDPB Bootcamp in June 2023. Following this success, the EDPB made it publicly available under the EUPL 1.2 license, encouraging community contributions and further development. A second version with enhanced features is already planned for later this year.

This tool aligns with the EDPB 2021-2023 Strategy, which aims to strengthen DPAs' enforcement capabilities. The SPE, a key component of this strategy, equips DPAs with common tools and expert resources.

By providing a free and accessible website auditing tool, the EDPB is taking a significant step towards simplifying GDPR compliance for both organizations and authorities.