Article 57 - Tasks
1 preliminary rulingJudgment of 9 Jan 2025, C-416/23 (Österreichische Datenschutzbehörde) 
1. Article 57(4) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), must be interpreted as meaning that the concept of a ‘request’ in that provision covers the complaints referred to in Article 57(1)(f) and Article 77(1) of that regulation.
Article 57(4) of Regulation 2016/679 must be interpreted as meaning that requests cannot be classified as ‘excessive’, within the meaning of that provision, solely on account of their number during a specific period, since the exercise of the option provided for in that provision is subject to the supervisory authority’s demonstrating the existence of an abusive intention on the part of the person who submitted those requests.
Article 57(4) of Regulation 2016/679 must be interpreted as meaning that, when faced with excessive requests, a supervisory authority may choose, by reasoned decision, between charging a reasonable fee based on administrative costs and refusing to act on those requests, taking account of all the relevant circumstances and satisfying itself that the chosen option is appropriate, necessary and proportionate.
Disclaimer