Article 29 Working Party

GDPR Guidelines – Is The Article 29 Working Party Going Too Far?

David Smith

The Article 29 Working Party has been working overtime to publish guidelines on a wide range of GDPR requirements. Not surprisingly, given the impact of the GDPR, there have been calls for even more guidance but the data protection authorities that make up the Working Party have limited resources and it is not always easy Read More

No Comments

WP29 guidelines on transparency under GDPR

Nigel Parker

Shortly before the Christmas break, the Article 29 Working Party (WP29) published keenly awaited draft guidelines on transparency and consent under the GDPR. These guidelines will be closely scrutinised. Privacy notices, requests for consent, how an organisation deals with data subject enquiries regarding the processing of personal data, and how an organisation communicates information in Read More

No Comments

WP29 draft guidelines on profiling and automated decision-making under the GDPR

Ondrej Kramolis

On 17 October, the Article 29 Working Party (WP29) published new draft guidelines on profiling and automated decision-making under the GDPR (the Guidelines). The Guidelines identify two benefits of profiling – increased efficiencies and resource savings and note that profiling and automated-decision making can be used to tailor services and products to align with individual Read More

No Comments

WP29 guidelines on personal data breach notification under GDPR

Anita Anand

The Article 29 Working Party this week published draft Guidelines on personal data breach notification under GDPR.  The relevant GDPR provisions are often misrepresented, and in many respects leave matters open to interpretation – a good or bad thing depending on the day.  Many are now asking what further clarity the draft guidelines bring for companies Read More

No Comments

A29 Working Party Opinion on Data Processing at Work

Nigel Parker

  The boundaries between work and home are increasingly blurred.  This means employee monitoring activities can inadvertently extend to monitoring employees in a private context. The Article 29 Working Party recently published a new opinion concerning data processing at work. It covers a wide range of topics, including the processing of employee data on social Read More

No Comments

Article 29 Working Party adopts Guidelines on the “lead supervisory authority”

Peter van Dyck

One of the key innovations of the upcoming General Data Protection Regulation (GDPR) is the so-called one stop shop principle.  This principle aims to avoid companies that undertake cross-border processing of personal data finding themselves subject to a plurality of competent data protection authorities. Concretely, the GDPR provides that the data protection authority in the Read More

No Comments