EDPB adopts Guidelines on Right of Access and letter on cookie consent

Jan 19, 2022

Source: European Data Protection Board

Brussels, 19 January – During its January plenary session, the EDPB adopted Guidelines on the Right of Access. The Guidelines aim to analyse the various aspects of the right of access and to provide more precise guidance on how the right of access has to be implemented in different situations. Among others, the Guidelines provide clarifications on the scope of the right of access, the information the controller has to provide to the data subject, the format of the access request, the main modalities for providing access, and the notion of manifestly unfounded or excessive requests. A stakeholder event on this topic was held in November 2019 and stakeholders’ views and opinions were taken into consideration during the drafting process.

EDPB Chair Andrea Jelinek said: “The right of access enables individuals to get knowledge on how and why their personal date are processed. The Guidelines provide examples to support controllers to answer access requests in a GDPR compliant manner.”

The Guidelines will be subject to public consultation for a period of 6 weeks.

In addition, the EDPB adopted a letter in reply to letters calling for a consistent interpretation of cookie consent. In the letter, the EDPB reiterates that it is committed to ensuring the harmonised application of data protection rules throughout the European Economic Area. In this respect, the EDPB has recently set up a taskforce on cookie banners to coordinate the response to complaints concerning cookie banners. Furthermore, the EDPB has updated the Guidelines on consent in order to ensure a harmonized approach on the conditionality of consent and on the unambiguous indication of wishes.

Note to editors:
All documents adopted during the EDPB Plenary are subject to the necessary legal, linguistic and formatting checks and will be made available on the EDPB website once these have been completed.


Recent news

CSC elects 2nd Deputy Coordinator

The Coordinated Supervision Committee (CSC) has elected Matej Sironic from the Slovenian Data Protection Authority (DPA) as its Deputy Coordinator for a term of two years. Sironic will be the second Deputy Coordinator, and will work along with Sebastian Hümmeler from...

read more