During its January plenary session, the European Data Protection Board adopted draft Guidelines on the Right of Access. The Guidelines aim to analyse the various aspects of the right of access and to provide more precise guidance on how the right of access must be implemented in different situations. Among other things, the Guidelines provide clarification about the scope of the right of access, the information the data controller must provide to the data subject, the format of the access request, the main methods of providing access, and the concept of manifestly unfounded or excessive requests. The EDPB is consulting on the guidelines for six weeks.
In addition, the EDPB adopted a letter in reply to calls from French organisations for a consistent interpretation of cookie consent. In the letter, the EDPB reiterates that it is committed to ensuring the harmonised application of data protection rules throughout the European Economic Area. In this respect, the EDPB has recently set up a taskforce on cookie banners to coordinate the response to complaints concerning cookie banners. Furthermore, the EDPB has updated the Guidelines on consent to ensure a harmonised approach on the conditionality of consent and on the unambiguous indication of wishes.