Related insights: Cyber Risk
Tribunal considers lawfulness of Experian's direct marketing operations
Data Subject Access Requests - required to provide copies of emails?
This opinion (in the case of Österreichische Datenschutzbehörde and CRIF - Case C-487/21) concerns whether the data subject is entitled to a "copy" of the document which contains their personal data, or if it is sufficient to provide an extract.
This decision could have large practical impacts on how data controllers respond to DSARs both in the EU (where it is directly applicable) and in the UK (where it will be persuasive).