Brussels, 05 March – The European Data Protection Board (EDPB) has launched its Coordinated Enforcement Framework (CEF) action for 2025. Following a year-long coordinated action on the right of access in 2024, the CEF’s focus this year will shift to the implementation of another data protection right, namely the right to erasure or the “right to be forgotten” (Art.17 GDPR).
The Board selected this topic during its October 2024 plenary as it is one of the most frequently exercised GDPR rights and one about which DPAs frequently receive complaints from individuals.
Next steps
During 2025, 32 Data Protection Authorities (DPAs) across Europe will take part in this initiative.
Participating DPAs will soon contact a number of controllers from different sectors across Europe, either by opening new formal investigations or doing fact-finding exercises. In the latter case, they might also decide to undertake additional follow-up actions if needed.
DPAs will check how controllers handle and respond to the requests for erasure that they receive and, in particular, how they apply the conditions and exceptions for the exercise of this right.
DPAs will also stay in close contact to share and discuss their findings throughout this year. The results of these national actions will be aggregated and analysed together to generate deeper insight into the topic, allowing for targeted follow-ups on both national and EU levels.
Background
The CEF is a key action of the EDPB under its 2024-2027 strategy, aimed at streamlining enforcement and cooperation among DPAs.
In the past three years, three previous CEF actions on different topics were carried out: