The Right to Erasure Under the Spotlight: What the 2025 EU Coordinated Enforcement Means for Organizations and Individuals

In 2025, the European Data Protection Board (EDPB) has taken a significant step by launching its Coordinated Enforcement Framework (CEF) focusing on the right to erasure, also known as the “right to be forgotten,” under Article 17 of the GDPR. This initiative marks a major development in data protection, as 30 Data Protection Authorities (DPAs) across Europe, along with the European Data Protection Supervisor, will be scrutinizing how organizations manage erasure requests, including their compliance with the conditions and exceptions outlined in the GDPR.

Why the Right to Erasure is a Priority

The right to erasure is one of the most frequently exercised rights under the GDPR and a common source of complaints to DPAs. Individuals are increasingly aware of their privacy rights and are actively seeking to control their personal data. This right allows individuals to request the deletion of their personal data when it is no longer necessary, when consent is withdrawn, or when the data has been unlawfully processed, among other reasons. The high volume of requests and complaints highlights the importance of this right in the digital age.

What the Coordinated Enforcement Means

The coordinated enforcement by the EDPB means that DPAs will be actively contacting organizations across various sectors to open investigations and share findings. This collaborative approach aims to identify trends and compliance gaps in how erasure requests are handled. By pooling resources and insights, the DPAs can ensure a more consistent and effective enforcement of the GDPR across Europe.

What Organizations Should Do Now

Organizations should take proactive steps to review and strengthen their procedures for handling erasure requests. This includes ensuring that there is clear documentation of the processes in place and that staff are adequately trained to handle such requests. Organizations should also be prepared for possible inquiries from DPAs, which may involve providing evidence of compliance and demonstrating how erasure requests are managed.

Potential Outcomes

The aggregated results from this coordinated enforcement will inform future guidance and enforcement actions at both national and EU levels. This could lead to the development of new best practices or even regulatory changes aimed at enhancing the protection of personal data. Organizations that fail to comply may face significant penalties, making it crucial for them to align their practices with the GDPR requirements.

Conclusion

The 2025 EU Coordinated Enforcement on the right to erasure underscores the ongoing commitment to upholding data protection rights in Europe. For both data controllers and data subjects, this initiative highlights the importance of understanding and complying with GDPR provisions. As regulatory priorities and enforcement trends continue to evolve, staying informed and prepared is essential for navigating the complex landscape of data protection.

Other Links on the Web

• Data Protection Update August 2025
• 51 Useful Data Protection Resources
• EDPB News on CEF 2025 Launch
• Principles of Privacy by Design
• BR Privacy & Security Download September 2025