Article 29 Working Party

A29 Working Party Opinion on Data Processing at Work

Nigel Parker

  The boundaries between work and home are increasingly blurred.  This means employee monitoring activities can inadvertently extend to monitoring employees in a private context. The Article 29 Working Party recently published a new opinion concerning data processing at work. It covers a wide range of topics, including the processing of employee data on social Read More

No Comments

Article 29 Working Party adopts Guidelines on the “lead supervisory authority”

Peter van Dyck

One of the key innovations of the upcoming General Data Protection Regulation (GDPR) is the so-called one stop shop principle.  This principle aims to avoid companies that undertake cross-border processing of personal data finding themselves subject to a plurality of competent data protection authorities. Concretely, the GDPR provides that the data protection authority in the Read More

No Comments

DPOs and the GDPR: Part 2 – Appointing a DPO

Ondrej Kramolis

In its newly published opinion, the Article 29 Working Party (WP29) provides some useful input into discussion on the nature of the role of data protection officers (DPOs) under the GDPR. This is a question which many organisations have been grappling with, as they assess who should take on this role. The WP29 considers the qualifications Read More

No Comments

DPOs and the GDPR: Part 1 – When is a DPO needed?

Catherine di Lorenzo

On 16 December 2016, the Article 29 Working Party (WP29) released highly anticipated guidelines on some of the most critical matters in the implementation of the General Data Protection Regulation (GDPR). These guidelines are not legally binding, but local data protection authorities are likely to follow them.  The WP29 does invite comment on the guidelines Read More

No Comments

Article 29 Working Party opinion on proposed amendments to adequacy decisions

Charlotte Mullarkey

The Article 29 Working Party (WP29) has published Opinion 04/2016 (the Opinion) on two European Commission draft Decisions aimed at curing the defects in the Commission determinations of the adequacy of protection (Adequacy Decisions) identified by the CJEU in Schrems.  Although dated 31st October 2016, it appears to have been only published on Friday and the Read More

No Comments

EU-US Privacy Shield: Trouble Ahead?

Peter van Dyck

On 29 February, the European Commission published the draft texts that constitute the EU-US Privacy Shield. The Article 29 Working Party quickly followed this up with a press release, welcoming the publication of the EU-US Privacy Shield, but stating (somewhat ominously) that the draft texts “have to be analysed with great attention as regards the Read More

No Comments