Europe’s world-renowned data privacy regime, anchored by the General Data Protection Regulation (GDPR), is facing an unexpected leadership vacuum. As of June 2025, the European Union has been without a permanent European Data Protection Supervisor (EDPS) for more than six months. This unprecedented delay in appointing a new privacy chief is more than just political gridlock; it’s a growing concern for privacy advocates, tech companies, and EU citizens alike, though it doesn’t mean enforcement is on pause.
So, how did we get here, who are the players involved, and what does this ongoing deadlock mean for the future of digital privacy in Europe?
Before diving into the current impasse, it’s important to understand the critical function of the European Data Protection Supervisor.
The EDPS is:
Since the GDPR came into force in 2018, the EDPS has played a key role in shaping global privacy standards. The outgoing supervisor, Wojciech Wiewiórowski, completed his term in December 2024, leaving behind a legacy of activism and engagement in high-profile digital rights debates.
Despite the urgency of the role, EU lawmakers have been unable to agree on a successor. The process began in earnest in late 2024, with four shortlisted candidates vying for the role. By March 2025, however, the selection process was mired in political disagreement.
Key reasons for the impasse include:
The situation has become so contentious that, as of June 2025, not only is there no clear frontrunner, but there are also growing doubts about whether an appointment will be made before the next European Commission takes office.
The initial shortlist of candidates, published in January 2025, reflected a diverse mix of experience and ideology. Here’s a breakdown of the four finalists:
Despite the clear qualifications among the contenders, no candidate has managed to secure the broad political support needed to clinch the role.
Six months without a permanent EDPS isn’t just a bureaucratic headache, it carries real-world consequences.
Here’s what’s at stake:
Acting officials are currently managing the day-to-day responsibilities of the office, but they lack the mandate and political clout to steer long-term strategy or take bold enforcement actions.
Unless lawmakers break the deadlock, the EU may face the troubling prospect of entering 2026 without a privacy chief. Some potential developments to watch:
In an age where data is currency and digital rights are under constant threat, the EU’s inability to appoint a new privacy chief sends a troubling message. The longer this leadership vacuum persists, the more it jeopardizes the EU’s ability to uphold its own privacy standards and influence global digital governance. While the candidates are ready and the need is urgent, political will remains the missing piece. For now, the fate of EU privacy leadership hangs in the balance and the clock is still ticking.