Article 29 Working Party

WP29 draft guidelines on profiling and automated decision-making under the GDPR

Ondrej Kramolis

On 17 October, the Article 29 Working Party (WP29) published new draft guidelines on profiling and automated decision-making under the GDPR (the Guidelines). The Guidelines identify two benefits of profiling – increased efficiencies and resource savings and note that profiling and automated-decision making can be used to tailor services and products to align with individual Read More

No Comments

WP29 guidelines on personal data breach notification under GDPR

Anita Anand

The Article 29 Working Party this week published draft Guidelines on personal data breach notification under GDPR.  The relevant GDPR provisions are often misrepresented, and in many respects leave matters open to interpretation – a good or bad thing depending on the day.  Many are now asking what further clarity the draft guidelines bring for companies Read More

No Comments

A29 Working Party Opinion on Data Processing at Work

Nigel Parker

  The boundaries between work and home are increasingly blurred.  This means employee monitoring activities can inadvertently extend to monitoring employees in a private context. The Article 29 Working Party recently published a new opinion concerning data processing at work. It covers a wide range of topics, including the processing of employee data on social Read More

No Comments

Article 29 Working Party adopts Guidelines on the “lead supervisory authority”

Peter van Dyck

One of the key innovations of the upcoming General Data Protection Regulation (GDPR) is the so-called one stop shop principle.  This principle aims to avoid companies that undertake cross-border processing of personal data finding themselves subject to a plurality of competent data protection authorities. Concretely, the GDPR provides that the data protection authority in the Read More

No Comments

DPOs and the GDPR: Part 2 – Appointing a DPO

Ondrej Kramolis

In its newly published opinion, the Article 29 Working Party (WP29) provides some useful input into discussion on the nature of the role of data protection officers (DPOs) under the GDPR. This is a question which many organisations have been grappling with, as they assess who should take on this role. The WP29 considers the qualifications Read More

No Comments

DPOs and the GDPR: Part 1 – When is a DPO needed?

Catherine di Lorenzo

On 16 December 2016, the Article 29 Working Party (WP29) released highly anticipated guidelines on some of the most critical matters in the implementation of the General Data Protection Regulation (GDPR). These guidelines are not legally binding, but local data protection authorities are likely to follow them.  The WP29 does invite comment on the guidelines Read More

No Comments