Article 29 Working Party
GDPR Guidelines – Is The Article 29 Working Party Going Too Far?

12 January 2018 - David Smith
The Article 29 Working Party has been working overtime to publish guidelines on a wide range of GDPR requirements. Not surprisingly, given the impact of the GDPR, there have been calls for even more guidance but the data protection authorities that make up the Working Party have limited resources and it is not always easy › Read More
WP29 guidelines on transparency under GDPR

29 December 2017 - Nigel Parker
Shortly before the Christmas break, the Article 29 Working Party (WP29) published keenly awaited draft guidelines on transparency and consent under the GDPR. These guidelines will be closely scrutinised. Privacy notices, requests for consent, how an organisation deals with data subject enquiries regarding the processing of personal data, and how an organisation communicates information in › Read More
WP29 draft guidelines on profiling and automated decision-making under the GDPR

05 November 2017 - Ondrej Kramolis
On 17 October, the Article 29 Working Party (WP29) published new draft guidelines on profiling and automated decision-making under the GDPR (the Guidelines). The Guidelines identify two benefits of profiling – increased efficiencies and resource savings and note that profiling and automated-decision making can be used to tailor services and products to align with individual › Read More
WP29 guidelines on personal data breach notification under GDPR

22 October 2017 - Anita Anand
The Article 29 Working Party this week published draft Guidelines on personal data breach notification under GDPR. The relevant GDPR provisions are often misrepresented, and in many respects leave matters open to interpretation – a good or bad thing depending on the day. Many are now asking what further clarity the draft guidelines bring for companies › Read More
A29 Working Party Opinion on Data Processing at Work

13 July 2017 - Nigel Parker
The boundaries between work and home are increasingly blurred. This means employee monitoring activities can inadvertently extend to monitoring employees in a private context. The Article 29 Working Party recently published a new opinion concerning data processing at work. It covers a wide range of topics, including the processing of employee data on social › Read More
Article 29 Working Party adopts Guidelines on the “lead supervisory authority”

06 February 2017 - Peter van Dyck
One of the key innovations of the upcoming General Data Protection Regulation (GDPR) is the so-called one stop shop principle. This principle aims to avoid companies that undertake cross-border processing of personal data finding themselves subject to a plurality of competent data protection authorities. Concretely, the GDPR provides that the data protection authority in the › Read More