By Olivier Rossignol, Head of Information and Communication at the European Data Protection Supervisor (EDPS)

For over 15 years now, I have been working on external communication for the smallest European institution, the European Data Protection Supervisor. In the digital age, personal data protection has become a major societal issue. Too often, communication on the subject struggles to capture attention or generate support. The topic is still perceived as abstract, technocratic, and sometimes stressful. And yet, it is central to our daily online lives.

Why this gap between the importance of the topic and its communication approach?
Because we still communicate about data protection as if we were disseminating a standard: with legal terms, often overly long texts, a disembodied tone, and institutional channels. While this may reassure lawyers, it puts the rest of the world to sleep.

Talking about privacy is actually talking about self-control, intimacy, and trust. In short, fundamental human values. It is parents who want to protect their children online. It is citizens who question targeted advertising or mass surveillance. It is employees who want to understand how their HR data is being further used.

Therefore, there is immense emotional and narrative potential that often remains untapped.
We focus on regulations as legal texts, but rarely on their concrete impact on people’s lives.
Yet, this is where external communications must play its role: making tangible, accessible, and relatable what is often presented as technical and legal.

One of the main obstacles is the language itself. I often strive to publish less dense information and releases, shorter reports, and less cluttered infographics with a human touch. Public communication has to speak the language of conviction.

The result? An increased impact, even among audiences that are a priori less receptive. It is not about oversimplifying or "selling" personal data as a product. It is about talking about it with enthusiasm and accuracy, focusing on formats, stories, and channels that truly resonate with the target audiences.

For several years now, with admittedly limited human and financial resources, I have been exploring more engaging formats with my communications colleagues: video clips, short formats on social media, visual and graphic campaigns, and expert testimonials in the form of blogs and podcasts. The appropriate use of social media like LinkedIn or Instagram, the use of educational visuals and graphic formats allow us to stand out from the crowd by dusting off any outdated forms of institutional communication.

Another avenue, I believe, should also be considered: highlighting positive use cases. For example, showing how an organisation changes its practices following an audit, or how an expert explains the benefits and risks posed by new and abstract technologies. Human testimony can become a powerful lever, especially in an institutional context.

I firmly believe that an institution that works daily to protect fundamental rights, such as personal data and privacy, should not simply present itself as a neutral regulator. It must position itself as a committed actor, capable of persuading, exerting global influence, and inspiring trust. This embodiment is demonstrated through tone, editorial choices, and a strong presence in global debates.

Communicating about privacy is not a luxury, it is a responsibility. In a world where data is becoming a lever of power, public institutions must live up to their mission. This also necessarily involves their external communications and their transparency towards citizens.
It is time to move away from the language of compliance and toward communication based on conviction and confidence.