This report by the GDPR regulatory burden reduction working group examines how the administrative burden of privacy legislation can be reduced for small and medium-sized enterprises (SMEs). Entrepreneurs often find the current rules complex and unclear, which leads to high costs for external advisors and uncertainty about proper compliance. The source proposes concrete improvements, such as more understandable information, practical digital tools, and the promotion of sectoral solutions such as codes of conduct. In addition, it advocates a 'white list' of activities with a low privacy risk for which less stringent requirements apply. The aim is to increase workability for entrepreneurs without compromising the protection of personal data. In this way, the advice is in line with broader European initiatives to significantly reduce the regulatory burden on smaller businesses.
