DPC welcomes publication of the European Data Protection Board’s report on the implementation of the right of access by controllers

The DPC welcomes today’s publication of the European Data Protection Board’s (EDPB) report on the implementation of the right of access by controllers.

The report highlights actions taken throughout 2024 involving 30 Supervisory Authorities across the EU/EEA, under the Coordinated Enforcement Framework (CEF). The report summarises the outcome of a series of coordinated national actions carried out in 2024 under the CEF, listing some issues that were observed for some controllers, along with a series of recommendations to help them implement the right of access.

Commenting on the Report, Deputy Commissioner at the DPC, Graham Doyle said: “The DPC is proud to have been involved in the work conducted under the Coordinated Enforcement Framework since its establishment in October 2020. We very much welcome the publication of this report and we note the positive references the report makes to enforcement actions taken by the DPC. The report also makes positive references to significant guidance that we’ve published aimed at controllers to assist them with their compliance efforts, as well as guidance aimed towards data subjects and an FAQ section on our website (www.dataprotection.ie) which provide further clarity in relation to the right of access."

For 2025, the Coordinated Enforcement Framework will focus on the implementation of the right to erasure.

You can read the full report here CEF 2024: EDPB identifies challenges to the full implementation of the right of access | European Data Protection Board