The EU’s General Data Protection Regulation imposes stricter obligations on data controllers and processors to ensure the security of personal data. One of the new mechanisms introduced to reach this objective is data breach notification, a concept familiar to U.S.-based privacy professionals, but still relatively new to the EU.
The Article 29 Working Party has published this week its “last revised” guidelines on data protection impact assessments and determining whether processing is “likely to result in a high risk” for the purposes of the GDPR.
The first joint annual review of the Privacy Shield is underway and the European Commission is preparing its report to be issued later this month. Separately, the EU DPAs are also conducting an assessment on how the arrangement is working.
On September 19, 2017, the French Data Protection Authority (“CNIL”) launched an online public consultation on two topics identified by the Article 29 Working Party in its 2017 action plan for the implementation of the EU General Data Protection Regulation (“GDPR”).
The Article 29 Working Party has published a new guidance on data processing in the workplace. We look at the obligations the guidance imposes and suggest five helpful tips for employers.
In further production from the group’s June plenary session , the EU’s Article 29 Working Party, the collection of data protection authorities, released today extensive guidance relating to the privacy of employees, including a series of nine practical scenarios.
The Article 29 Working Party, the collected data protection authorities in the EU, released more information today regarding work completed in its recent June plenary session. It includes extensive new information on records transferred to non-adequate third countries’ financial authorities and details on when to expect further guidance on GDPR implementation.
The Article 29 Working Party , an expert group of European privacy officials, is pressing the European Commission to closely evaluate the EU-US Privacy Shield , a framework permitting the flow of European consumers’ personal data to the United States.
The proposed ePrivacy Regulation: EDPS and WP29 express concerns with consent and tracking walls provisions and other issues
Since its hotly awaited publication in January, the Proposal for an ePrivacy Regulation (“ Proposal “) has come under scrutiny from various stakeholders. Recently both the Article 29 Working Party (“ WP29 “), and the European Data Protection Supervisor (“ EDPS “), have joined the chorus.
The Article 29 Working Party has issued its opinion on the proposed ePrivacy Regulation, saying “it welcomes the proposal” and “the choice for a regulation as the regulatory instrument” because it will help maintain consistency with the General Data Protection Regulation.