Tag Archives: wp29

Controller and Processor standard clauses

The French DPA (CNIL) and Spanish DPA (AGDP) have issued two guides for data processors, namely “Règlement européen sur la protection des données : un guide pour accompagner les sous-traitants” and “Directrices para contratos responsable – encargado” respectively. Furthermore the English DPA (ICO) has published a draft gdpr contracts guidance. These have a positive impact… Read More »

e-PRIVACY REGULATION PROPOSAL’S DEVELOPMENT – I) Art. 29WP and EDPS’s opinions

As already mentioned in a previous post, on 10 January 2017 the European Commission presented a proposal for a Regulation (the “Regulation”) which is expected to amend the Directive 2002/58/EC (e-Privacy Directive) standardising the current European legal framework for the processing of personal data in the electronic communications sector and whose final approval is expected to… Read More »

Article 29 Data Protection Working Party Guidelines on Data Protection Impact Assessment (DPIA)

Last April 4, the Article 29 Data Protection Working Party (WP 29) has adopted Guidelines on Data Protection Impact Assessment, first of all defining common criteria for all data controllers, which can support the identification of processing operations that require to carry out a data protection impact assessment. This because it is not compulsory in… Read More »

The new European Regulation gives greater value and facilitation to scientific research.

The Directive 95/46/EC deal with the argument in the following terms: The processing of personal data for scientific research purposes is not considered incompatible with other processing (art. 6) For scientific use, personal data may be stored for longer periods (art. 6) The provision of information to the data subject may not be given when… Read More »

Data Protection Officer, close to a unified certification scheme … and more

After more than a year of work, the draft of a national UNI/UNINFO standard defining profiles and competences of data protection and processing professionals reached its final public inquiry stage. One of the declared goals is to bring common, shared rules to avoid a “far west” effect on a market already crowded by proprietary initiatives,… Read More »

Portability: WP29 guidelines

The GDPR  Article 20 introduces a new right to “data portability” to enable data qwners to easily move or copy their personal data to another environment . The Opinion of the WP29 clarifies the conditions of application and provides concrete examples to explain the circumstances in which this right applies. The Opinion states that this… Read More »