On February 13, 2025, the Coordinated Supervision Committee (CSC) of the European Data Protection Board (EDPB) published its activity report for the period from July 2022 to December 2024. The report outlines the CSC’s efforts in overseeing large-scale EU IT systems to ensure consistent data protection standards and safeguard fundamental rights.

The CSC, an autonomous coalition of Data Protection Authorities (DPAs), has assumed supervision over key systems, including the upgraded Schengen Information System (SIS) and the Visa Information System (VIS). It also prepared for the implementation of interoperability regulations and issued recommendationson transparency obligations for data controllers using the Internal Market Information System (IMI). In July 2023, the CSC released a guide detailing how data subjects can exercise their rights—access, rectification, erasure, and restriction—regarding Europol’s information systems.

Further, the CSC conducted a coordinated review in response to the 2022 EDPS Audit Report on Europol’s processing of minors’ personal data and has strengthened stakeholder engagement, notably with civil society, to boost data protection awareness. Looking ahead, the CSC plans to expand its oversight to additional systems and agencies, such as the Entry-Exit System (EES), European Travel Information and Authorisation System (ETIAS), Prüm II Regulation, ECRIS-TCN, and Eurodac. This expansion is expected to more than double its workload, necessitating additional resources and enhanced coordination among DPAs.

The report emphasizes that the CSC will continue to support national DPAs by clarifying EU and national laws, promoting best practices, and facilitating joint audits and inspections to maintain high standards in data protection across interconnected EU systems.

Read the full press release here.