The EDPB has launched a website auditing tool that can be used to help analyse whether websites are compliant with the law. The tool was developed in the context of the EDPB Support Pool of Experts (SPE) and can be used by both legal and technical auditors at data protection authorities (DPAs), as well as by controllers and processors who wish to test their own websites. The tool is a Free and Open Source Software under the EUPL 1.2 Licence and is available for download on code.europa.eu. The source code is available here.
The new tool allows preparing, carrying out and evaluating audits directly in the tool by a simple visit to the website in question. The tool is also compatible with other tools, such as the EDPS website evidence collector, and allows auditors to import and evaluate the results of audits carried out on those tools. Finally, the tool can generate reports.
While several website auditing tools already exist, these usually require technical expertise. Therefore, the EDPB decided to develop a solution that would be easy to use in order to facilitate enforcement by national DPAs and compliance checks by controllers.
The software was developed by an SPE expert under the supervision of the EDPB Secretariat. It was presented to auditors from DPAs at the first EDPB Bootcamp in June 2023. Following positive feedback from the participants, it was decided to consolidate the software and publish it as Free and Open Source Software. A second version with new features is planned for later this year.
The Support Pool of Experts was developed as part of the EDPB 2021-2023 Strategy to help DPAs increase their capacity to enforce by developing common tools and giving them access to a wide pool of experts.