Article 29 Working Party Meeting Sets Out State of Play on Privacy Initiatives
Time 2 Minute Read
Categories: European Union, International

Recently, the EU’s Article 29 Working Party (”Working Party”) held a plenary meeting to discuss, among other things, the implementation of the EU General Data Protection Regulation (“GDPR”) and the EU-U.S. Privacy Shield. As well as adopting its first Joint Annual Review Report on the Privacy Shield, the Working Party has been working on a number of documents that offer review and/or guidance on the GDPR, including:

  • guidelines on (1) consent and transparency, (2) data protection certifications, and (3) derogations for personal data transfers under the GDPR;
  • updated “referentials” on adequacy and binding corporate rules for data controllers and processors; and
  • tools for cooperation between data protection authorities on data breach notifications.

Future work includes:

  • developing a position on Article 3 of the GDPR, which pertains to the GDPR’s territorial scope;
  • a new opinion on the proposal of the ePrivacy Regulation, which the European Commission aims to introduce alongside the GDPR.

In addition to these documents, the Working Party has made progress on defining the organization and structure of the European Data Protection Board (“EDPB”), which will be ready by May 2018. The EDPB will replace the Working Party and will have a more active role in the regulation of data protection practices across the EU in comparison to its predecessor. The Working Party also has established a taskforce to focus on harmonization with respect to the calculation of fines imposed under the GDPR, having recognized that there exists a range of approaches to sanctioning across EU Member States.

Tags: Article 29 Working Party, Data Protection Authority, Data Transfer, EU Member States, GDPR, Personal Data, Privacy Shield
Print Email Twitter/X Linkedin Facebook

You May Also Be Interested In

Time 3 Minute Read
Connecticut AG Clarifies AI Compliance Obligations Under CTDPA

The Connecticut Attorney General recently issued a legal memorandum regarding the application of existing Connecticut laws, such as the Connecticut Data Privacy Act, to the use of artificial intelligence.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 2 Minute Read
Data Protection Authorities Globally Highlight Privacy Issues in AI Image Generation

On February 23, 2026, a Joint Statement on AI-Generated Imagery was published by 61 data protection authorities. The Joint Statement addresses concerns regarding AI systems capable of generating realistic images and videos depicting identifiable individuals without their knowledge or consent.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 6 Minute Read
NetChoice Files Suit Challenging South Carolina Age-Appropriate Code Design

On February 9, 2026, trade association NetChoice filed a lawsuit challenging South Carolina’s newly passed Age-Appropriate Code Design (“SC AACD”) on First and Fourteenth Amendment grounds. The SC AACD was signed into law on February 5, 2026, making South Carolina the fifth U.S. state to enact such a law, following California, Maryland, Nebraska and Vermont.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 2 Minute Read
Congress Extends Cybersecurity Information Sharing Act of 2015 through September 2026

Congress has extended the Cybersecurity Information Sharing Act of 2015 through September 30, 2026 as part of the Consolidated Appropriations Act, a government funding package enacted in early February 2026.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook

Search

Subscribe Arrow

Recent Posts

Categories

Tags

Archives

Jump to Page