Opinions etc on CSAM compromise proposal by Danish presidency
Dear European Data Protection Supervisor,
Under the right of access to documents in the EU treaties, as developed in Regulation 1049/2001, I am requesting documents which contain the following information:
– Any opinions, correspondence, internal notes, preparatory documents, meeting records or similar documents held by the EDPS concerning the compatibility of the compromise proposal of July 1, 2025, of the Danish presidency for a Regulation laying down rules to prevent and combat child sexual abuse (the ‘Chat Control’/CSAM proposal) with the Charter of Fundamental Rights and the General Data Protection Regulation (GDPR).
Yours faithfully,
Astrid Fischer,
Journalist,
Danish Broadcasting Corporation (DR)
DK-0999 Copenhagen C
Denmark
Phone: +45 28 54 59 83
Dear requester,
We acknowledge the receipt of your request, registered on 29.10.2025. In
accordance with Article 7(1) of Regulation (EU) No 1049/2001 regarding
public access to European Parliament, Council and Commission documents,
you will receive a reply within 15 working days (by 19.11.2025).
Your case number is 2025-1010.
Please note that your personal data will only be processed for the
purposes of replying to your request and in accordance with the privacy
statement set out below. More information on how the EDPS process personal
information can be found on our [1]website.
Yours sincerely,
EDPS Access to Documents
[2]| Tel. (+32) 228 31900 | Fax (+32) 228 31950 | › Email:
[3][email address]
European Data Protection Supervisor
Postal address: Rue Wiertz 60, B-1047 Brussels
Office address: Rue Montoyer 30, B-1000 Brussels
[4]Twitter [5]@EU_EDPS [6]Website [7]www.edps.europa.eu
This email (and any attachment) may contain information that is internal
or confidential. Unauthorised access, use or other processing is not
permitted. If you are not the intended recipient please inform the
sender by reply and then delete all copies. Emails are not secure as
they can be intercepted, amended, and infected with viruses. The EDPS
therefore cannot guarantee the security of correspondence by email.
Data Protection Notice
According to Articles 15 and 16 of Regulation (EU) 2018/1725 (the
Regulation), we are processing your personal data in order to reply to
your request. The controller is the European Data Protection Supervisor
(EDPS). The legal basis for this processing operation is Article 5(1)(b)
of the Regulation, since processing is necessary for compliance with a
legal obligation to which the EDPS is subject. The data processed include
your contact details, your request, as well as personal data that might be
collected during the investigation of your request. For the EDPS, case
handlers, administrative staff and hierarchy involved in the request
handling will have access to the case file containing your personal data
on a need-to-know basis. All access to case files is logged. Your data
will only be transferred to other EU institutions and bodies or to third
parties when it is necessary to ensure the appropriate investigation or
follow up of your request. Your data will be stored by the EDPS in
electronic files until the end of the reporting period of the current year
(as a rule, until mid-next year), unless legal proceedings require us to
keep them for a longer period. Afterwards, only a brief anonymous note
will be included in a file in order to keep record of the request.
You have the right of access to your personal data and to relevant
information concerning how we use it. You have the right to rectify your
personal data. Under certain conditions, you have the right to ask that we
delete your personal data or restrict its use. We will consider your
request, take a decision and communicate it to you. For more information,
please see Articles 14 to 21, 23 and 24 of the Regulation. Please note
that in some cases restrictions under Article 25 of the Regulation may
apply. Any request to exercise your rights should be addressed to the EDPS
at [8][EDPS request email]. You may also contact the data protection
officer of the EDPS ([9][email address]), if you have any remarks
or complaints regarding the way we process your personal data. You have
the right to lodge a complaint with the EDPS, as supervisory authority.
Any such request should be addressed to the EDPS at
[10][EDPS request email]. You can reach the EDPS in the following ways:
e-mail: [11][EDPS request email]; EDPS postal address: European Data
Protection Supervisor, Rue Wiertz 60, B-1047 Brussels, Belgium.
References
Visible links
1. https://edps.europa.eu/about-edps/data-p...
2. file:///tmp/tel:+3222831900
3. mailto:[email address]
5. http://@eu_edps/
7. http://www.edps.europa.eu/
http://www.edps.europa.eu/
8. mailto:[EDPS request email]
9. mailto:[email address]
10. mailto:[EDPS request email]
11. mailto:[EDPS request email]
Dear requester,
We are writing to you concerning your access to documents request case
number 2025-1010.
In accordance with Article 7 (1) of Regulation (EU) No 1049/2001 regarding
public access to European Parliament, Council and Commission documents,
you are entitled to receive a reply within 15 working days.
However, the EDPS will not be in a position to respond within the original
time limit of 15 working days. We have therefore decided to extend the
time limit by 15 working days in accordance with Article 7(3) of
Regulation (EU) 1049/2001.
You should expect to receive a reply from the EDPS by 10.12.2025 at the
latest.
Your sincerely,
EDPS Access to Documents
[1]| Tel. (+32) 228 31900 | Fax (+32) 228 31950 | › Email:
[2][email address]
European Data Protection Supervisor
Postal address: Rue Wiertz 60, B-1047 Brussels
Office address: Rue Montoyer 30, B-1000 Brussels
[3]Twitter [4]@EU_EDPS [5]Website [6]www.edps.europa.eu
This email (and any attachment) may contain information that is internal
or confidential. Unauthorised access, use or other processing is not
permitted. If you are not the intended recipient please inform the
sender by reply and then delete all copies. Emails are not secure as
they can be intercepted, amended, and infected with viruses. The EDPS
therefore cannot guarantee the security of correspondence by email.
Data Protection Notice
According to Articles 15 and 16 of Regulation (EU) 2018/1725 (the
Regulation), we are processing your personal data in order to reply to
your request. The controller is the European Data Protection Supervisor
(EDPS). The legal basis for this processing operation is Article 5(1)(b)
of the Regulation, since processing is necessary for compliance with a
legal obligation to which the EDPS is subject. The data processed include
your contact details, your request, as well as personal data that might be
collected during the investigation of your request. For the EDPS, case
handlers, administrative staff and hierarchy involved in the request
handling will have access to the case file containing your personal data
on a need-to-know basis. All access to case files is logged. Your data
will only be transferred to other EU institutions and bodies or to third
parties when it is necessary to ensure the appropriate investigation or
follow up of your request. Your data will be stored by the EDPS in
electronic files until the end of the reporting period of the current year
(as a rule, until mid-next year), unless legal proceedings require us to
keep them for a longer period. Afterwards, only a brief anonymous note
will be included in a file in order to keep record of the request.
You have the right of access to your personal data and to relevant
information concerning how we use it. You have the right to rectify your
personal data. Under certain conditions, you have the right to ask that we
delete your personal data or restrict its use. We will consider your
request, take a decision and communicate it to you. For more information,
please see Articles 14 to 21, 23 and 24 of the Regulation. Please note
that in some cases restrictions under Article 25 of the Regulation may
apply. Any request to exercise your rights should be addressed to the EDPS
at [7][EDPS request email]. You may also contact the data protection
officer of the EDPS ([8][email address]), if you have any remarks
or complaints regarding the way we process your personal data. You have
the right to lodge a complaint with the EDPS, as supervisory authority.
Any such request should be addressed to the EDPS at
[9][EDPS request email]. You can reach the EDPS in the following ways:
e-mail: [10][EDPS request email]; EDPS postal address: European Data
Protection Supervisor, Rue Wiertz 60, B-1047 Brussels, Belgium.
From: EDPS Access to Documents <[email address]>
Sent: 29 October 2025 10:35
To: Astrid Fischer <[FOI #16499 email]>
Subject: Acknowledgement of receipt access to documents [EDPS ref:
2025-1010 - D (2025) 4019]
Dear requester,
We acknowledge the receipt of your request, registered on 29.10.2025. In
accordance with Article 7(1) of Regulation (EU) No 1049/2001 regarding
public access to European Parliament, Council and Commission documents,
you will receive a reply within 15 working days (by 19.11.2025).
Your case number is 2025-1010.
Please note that your personal data will only be processed for the
purposes of replying to your request and in accordance with the privacy
statement set out below. More information on how the EDPS process personal
information can be found on our [11]website.
Yours sincerely,
EDPS Access to Documents
[12]| Tel. (+32) 228 31900 | Fax (+32) 228 31950 | › Email:
[13][email address]
European Data Protection Supervisor
Postal address: Rue Wiertz 60, B-1047 Brussels
Office address: Rue Montoyer 30, B-1000 Brussels
[14]Twitter [15]@EU_EDPS [16]Website [17]www.edps.europa.eu
This email (and any attachment) may contain information that is internal
or confidential. Unauthorised access, use or other processing is not
permitted. If you are not the intended recipient please inform the
sender by reply and then delete all copies. Emails are not secure as
they can be intercepted, amended, and infected with viruses. The EDPS
therefore cannot guarantee the security of correspondence by email.
Data Protection Notice
According to Articles 15 and 16 of Regulation (EU) 2018/1725 (the
Regulation), we are processing your personal data in order to reply to
your request. The controller is the European Data Protection Supervisor
(EDPS). The legal basis for this processing operation is Article 5(1)(b)
of the Regulation, since processing is necessary for compliance with a
legal obligation to which the EDPS is subject. The data processed include
your contact details, your request, as well as personal data that might be
collected during the investigation of your request. For the EDPS, case
handlers, administrative staff and hierarchy involved in the request
handling will have access to the case file containing your personal data
on a need-to-know basis. All access to case files is logged. Your data
will only be transferred to other EU institutions and bodies or to third
parties when it is necessary to ensure the appropriate investigation or
follow up of your request. Your data will be stored by the EDPS in
electronic files until the end of the reporting period of the current year
(as a rule, until mid-next year), unless legal proceedings require us to
keep them for a longer period. Afterwards, only a brief anonymous note
will be included in a file in order to keep record of the request.
You have the right of access to your personal data and to relevant
information concerning how we use it. You have the right to rectify your
personal data. Under certain conditions, you have the right to ask that we
delete your personal data or restrict its use. We will consider your
request, take a decision and communicate it to you. For more information,
please see Articles 14 to 21, 23 and 24 of the Regulation. Please note
that in some cases restrictions under Article 25 of the Regulation may
apply. Any request to exercise your rights should be addressed to the EDPS
at [18][EDPS request email]. You may also contact the data protection
officer of the EDPS ([19][email address]), if you have any remarks
or complaints regarding the way we process your personal data. You have
the right to lodge a complaint with the EDPS, as supervisory authority.
Any such request should be addressed to the EDPS at
[20][EDPS request email]. You can reach the EDPS in the following ways:
e-mail: [21][EDPS request email]; EDPS postal address: European Data
Protection Supervisor, Rue Wiertz 60, B-1047 Brussels, Belgium.
References
Visible links
1. file:///tmp/tel:+3222831900
2. mailto:[email address]
4. http://@eu_edps/
6. http://www.edps.europa.eu/
http://www.edps.europa.eu/
7. mailto:[EDPS request email]
8. mailto:[email address]
9. mailto:[EDPS request email]
10. mailto:[EDPS request email]
11. https://edps.europa.eu/about-edps/data-p...
12. file:///tmp/tel:+3222831900
13. mailto:[email address]
15. http://@eu_edps/
17. http://www.edps.europa.eu/
http://www.edps.europa.eu/
18. mailto:[EDPS request email]
19. mailto:[email address]
20. mailto:[EDPS request email]
21. mailto:[EDPS request email]
Dear Ms Fischer,
Attached you will find the letter, on the above-mentioned subject, for
your attention.
It was signed electronically by Ms Luisa Palla.
Best regards,
EDPS Access to Documents
[1]| Tel. (+32) 228 31900 | Fax (+32) 228 31950 | › Email:
[2][email address]
European Data Protection Supervisor
Postal address: Rue Wiertz 60, B-1047 Brussels
Office address: Rue Montoyer 30, B-1000 Brussels
[3]Twitter [4]@EU_EDPS [5]Website [6]www.edps.europa.eu
This email (and any attachment) may contain information that is internal
or confidential. Unauthorised access, use or other processing is not
permitted. If you are not the intended recipient please inform the
sender by reply and then delete all copies. Emails are not secure as
they can be intercepted, amended, and infected with viruses. The EDPS
therefore cannot guarantee the security of correspondence by email.
Data Protection Notice
According to Articles 15 and 16 of Regulation (EU) 2018/1725 (the
Regulation), we are processing your personal data in order to reply to
your request. The controller is the European Data Protection Supervisor
(EDPS). The legal basis for this processing operation is Article 5(1)(b)
of the Regulation, since processing is necessary for compliance with a
legal obligation to which the EDPS is subject. The data processed include
your contact details, your request, as well as personal data that might be
collected during the investigation of your request. For the EDPS, case
handlers, administrative staff and hierarchy involved in the request
handling will have access to the case file containing your personal data
on a need-to-know basis. All access to case files is logged. Your data
will only be transferred to other EU institutions and bodies or to third
parties when it is necessary to ensure the appropriate investigation or
follow up of your request. Your data will be stored by the EDPS in
electronic files until the end of the reporting period of the current year
(as a rule, until mid-next year), unless legal proceedings require us to
keep them for a longer period. Afterwards, only a brief anonymous note
will be included in a file in order to keep record of the request.
You have the right of access to your personal data and to relevant
information concerning how we use it. You have the right to rectify your
personal data. Under certain conditions, you have the right to ask that we
delete your personal data or restrict its use. We will consider your
request, take a decision and communicate it to you. For more information,
please see Articles 14 to 21, 23 and 24 of the Regulation. Please note
that in some cases restrictions under Article 25 of the Regulation may
apply. Any request to exercise your rights should be addressed to the EDPS
at [7][EDPS request email]. You may also contact the data protection
officer of the EDPS ([8][email address]), if you have any remarks
or complaints regarding the way we process your personal data. You have
the right to lodge a complaint with the EDPS, as supervisory authority.
Any such request should be addressed to the EDPS at
[9][EDPS request email]. You can reach the EDPS in the following ways:
e-mail: [10][EDPS request email]; EDPS postal address: European Data
Protection Supervisor, Rue Wiertz 60, B-1047 Brussels, Belgium.
References
Visible links
1. file:///tmp/tel:+3222831900
2. mailto:[email address]
4. http://@eu_edps/
6. http://www.edps.europa.eu/
http://www.edps.europa.eu/
7. mailto:[EDPS request email]
8. mailto:[email address]
9. mailto:[EDPS request email]
10. mailto:[EDPS request email]