The supervisory unit in charge of overseeing how institutions in the European Union handle data protection vows that enforcing the GDPR over the next four years will be critical.

In a 28-page document (.PDF) outlining the authority’s strategy for 2020-2024, the European Data Protection Supervisor said Tuesday that it hopes to keep pace with the rapidly changing world of data protection, and further enforce European data protection rules so the GDPR is "is adequately and proportionally enforced."

The EDPB also said it hopes to strengthen its cooperation with data protection authorities for high profile cases and ensure that EUI websites and mobile apps are complying with EU law, namely third -party tracking requirements.

The European Data Protection Supervisor (EDPS) is the data protection authority for the European Union institutions, bodies and agencies; it consults with the European Data Protection Board and Europol on issues.

In the guidance, the said that it was planning to embrace three key strategy pillars going forward: Foresight, action, and solidarity.

By foresight, the EDPS means it wants to stay abreast of what's going on in the world in order to support strategic objectives. By action, it means it wants the EU, through tools and collaboration, to continue to be a pioneer when it comes to safeguarding digital rights and responsible data processing.

By solidarity, it says it aims to ensure that EU promotes digital justice and privacy over everything else. " Data protection is   one   of   the   last   lines   of   defence   for   vulnerable individuals, such as migrants and asylum seekers approaching  EU  external  borders. Although the EU has accumulated a patchwork of measures in the areas of police and judicial cooperation and border management, the legal framework remains fragmented, creating unnecessary discrepancies. "

The guidance also suggests that there should be a halt to automatic recognition technologies in public spaces. Not just facial recognition - but "gait, fingerprints, DNA, voice, keystrokes and other biometric or behavioural signals."

Among the challenges the EDPS says it'll face are potentially shifting ways to identify individuals - moving away from third-party cookies, growing complexity in digital systems, and how to balance data minimization with sustainability - while digital technologies have aided us great they've had an adverse impact on the environment.

In announcing the strategy, EDPS Supervisor Wojciech Wiewiórowski also commented on how the ongoing COVID-19 pandemic has impacted the authority's efforts, stressing that the increased dependency on data and technologies "amplifies the pre-existing conditions of our digital ecosystem, including the concentration of market power, information asymmetries, disinformation, manipulation, data breaches and platform dominance."

The strategies come about a week after the European Commission, the EU's executive body, issued its first evaluation report (.PDF) around the GDPR. In the report, it said that the privacy legislation has been an overall success but that there's a "certain level of fragmentation that must be continually monitored."