Brussels, 13 February – The EDPB published the Coordinated Supervision Committee's (CSC) biannual activity report, covering July 2022 to December 2024.
Over the last two years, the CSC worked on the integration of large-scale EU information technology (IT) systems within its scope. During this reporting period, it took over the supervision of the upgraded Schengen Information System (SIS) and the Visa Information System (VIS).
In addition, the Committee prepared for the arrival of new systems and for the implementation of interoperability regulations.
The Committee has also published a set of recommendations on the Internal Market Information System (IMI) transparency obligations for data controllers.
Furthermore, in July 2023, the CSC published ‘Europol’s information systems - a guide for exercising data subjects’ rights: the right of access, rectification, erasure and restriction’.
Following the 2022 Audit Report of the EDPS on Europol’s processing of personal data of minors under 15 years old, provided to Europol by third countries and international organisations and marked as suspects, the CSC undertook a coordinated activity to analyse the input from several Member States.
During the past two years, the Committee also promoted dialogue and engagement with stakeholders, particularly with civil society.
Update: Brussels, 27 February – The CSC has also adopted its work programme for 2025-2026. To ensure a continuous high level of protection of individuals’ rights, the Committee will dedicate closer attention to the following topics: allocation of roles (controller, joint controller, processor) in systems falling under the Justice and Home Affairs (JHA) interoperability framework, and streamlined cooperation when handling complaints (JHA interoperability framework and Europol, Eurojust, European Public Prosecutor’s Office).
Looking forward, the CSC is ready to welcome more EU IT systems and EU bodies, offices, or agencies within its scope. As the range of the CSC’s activities continues to expand, the Committee will keep its organisation and operation under constant review to ensure effective and efficient supervision.
In addition, the CSC will continue to assist national data protection authorities (DPAs) in their work, by providing further clarification on the interpretation of EU and national laws. The Committee will also foster the exchange of information and best practices, and provide support for joint audits and coordinated inspections.
Taking advantage of its unique framework and broad perspective, the CSC will ensure the proper monitoring of multiple data flows among systems, transversal interactions, and sharing of information between EU agencies and bodies. To this end, and to guarantee a high level of data protection, the Committee will keep developing coordinated supervisory activities.
Background: The CSC is a group of DPAs that together ensure coordinated supervision of large-scale IT systems and of EU bodies, offices, and agencies falling under its scope. The CSC enjoys autonomous functioning and positioning and adopts its own rules of procedure and working methods. The Committee was established within the framework of the EDPB.