The Working Party recently issued its first Opinion for 2017, focusing on the EU Commission’s proposed ePrivacy Regulation (WP 247, Opinion 01/2017). The Commission’s proposal, which was published in January this year, aims to modernize the existing ePrivacy Directive (2002/58/EC as amended by 2009/136/EC) which concerns the protection of personal data in the context of […]
GDPR
ICO Seeks Extra Resources for GDPR Enforcement
On March 13, 2017, Elizabeth Denham, head of the UK data protection authority (“ICO”) publicly expressed her intention to massively recruit new personnel in an effort to be ready for the European (“EU”) general data protection regulation (“GDPR”). In a statement released on its website, the ICO announced its plan to recruit new personnel by […]
CNIL Launches Second Round of Public Consultation on GDPR
Last week, the French Data Protection Authority (“CNIL”) launched the second round of a public consultation on the General Data Protection Regulation (“GDPR”). The first public consultation was launched in June 2016 and addressed the requirements in the GDPR relating to data protection officers, data portability and privacy seals and certifications. The outcome of the […]
Spanish Ministry of Justice Launches Public Consultation on GDPR
On February 7, 2017, the Spanish Ministry of Justice launched a public consultation as a preliminary step before the drafting of a new bill implementing the General Data Protection Regulation (“GDPR”). The press release clarifies that although the GDPR has direct effect in the European Member States, its implementation into Spanish law is not a […]
WP29 Issues Guidance on the Right to Data Portability under the GDPR
Late last week, the Article 29 Working Party (“WP29”) issued detailed guidance on companies’ obligations under three key provisions of the General Data Protection Regulation (“GDPR”). This is part two of a three-part Alston & Bird series evaluating WP29’s positions, and relates to the Right of Data Portability for data subjects and its obligations for data controllers. Part 1 deals […]