The General Data Protection Regulation (GDPR) will come into force on 25 May 2018, replacing UK’s Data Protection Act 1998 (DPA). It is yet unclear how Brexit will play out, yet in the meantime the United Kingdom is moving to adopt the GDPR principles so that it adequately protects the personal data transferred within the […]
EU Privacy
CNIL Launches Second Round of Public Consultation on GDPR
Last week, the French Data Protection Authority (“CNIL”) launched the second round of a public consultation on the General Data Protection Regulation (“GDPR”). The first public consultation was launched in June 2016 and addressed the requirements in the GDPR relating to data protection officers, data portability and privacy seals and certifications. The outcome of the […]
Spanish Ministry of Justice Launches Public Consultation on GDPR
On February 7, 2017, the Spanish Ministry of Justice launched a public consultation as a preliminary step before the drafting of a new bill implementing the General Data Protection Regulation (“GDPR”). The press release clarifies that although the GDPR has direct effect in the European Member States, its implementation into Spanish law is not a […]
Spanish DPA Issues GDPR Guidelines
On January 26, 2017, the Spanish data protection authority (“AEPD”) published three guidance papers on the implementation of the general data protection regulation (“GDPR”). Although the guidance is primarily directed at small and medium-sized companies, it gives a snapshot on how the AEPD reads the GDPR and is thus relevant for all companies having operations […]
Article 29 Working Party Identifies GDPR Implementation Priorities for 2017
In a press release published on January 16, 2017, the Article 29 Working Party (“WP 29”) has outlined its strategy for 2017 on implementation of the General Data Protection Regulation (“GDPR”). WP29’s “2017 GDPR Action Plan” identifies the following priorities, objectives, deliverables and activities for the coming year: 2016 Follow-Up. WP29 will finalize work commenced in […]