The GDPR's Right of Access aims to empower users with control over their personal data via Data Download Packages (DDPs). However, their effectiveness is often compromised by inconsistent platform implementations, questionable data reliability, and poor user comprehensibility. This paper conducts a comprehensive audit of DDPs from three social media platforms (TikTok, Instagram, and YouTube) to systematically assess these critical drawbacks. Despite offering similar services, we find that these platforms demonstrate significant inconsistencies in implementing the Right of Access, evident in varying levels of shared data. Critically, the failure to disclose processing purposes, retention periods, and other third-party data recipients serves as a further indicator of non-compliance. Our reliability evaluations, using bots and user-donated data, reveal that while TikTok's DDPs offer more consistent and complete data, others exhibit notable shortcomings. Similarly, our assessment of comprehensibility, based on surveys with 400 participants, indicates that current DDPs substantially fall short of GDPR's standards. To improve the comprehensibility, we propose and demonstrate a two-layered approach by: (1) enhancing the data representation itself using stakeholder interpretations; and (2) incorporating a user-friendly extension (Know Your Data) for intuitive data visualization where users can control the level of transparency they prefer. Our findings underscore the need for clearer and non-conflicting regulatory guidance, stricter enforcement, and platform commitment to realize the goal of GDPR's Right of Access.