During its plenary meeting on 10-11 April 2018, the Working Party 29, the European Advisory Body on Data Protection and Privacy, has examined several key topics in relation to the protection of personal data in general and more specifically to the soon applicable General Data Protection Regulation (GDPR).
Amongst others, we can highlight:
- The adoption of guidelines on consent and transparency under the GDPR as well as a set of documents relating to “Binding Corporate rules” including a working document on the approval procedure for controllers and processors;
- A position paper on the clarification of the scope of article 30(5) GDPR concerning the derogation to the obligation to keep record of processing activities for organizations employing less than 250 people;
- The establishment of a Social Media Working Group regarding the ongoing case of Facebook and Cambridge Analytica;
- A set of letters expressing the WP29 concern regarding, for example:
- A statement on encryption and the processing of personal data;
- An opinion on the Commission proposal to establish an interoperability framework between EU information systems in the field of borders and visa as well as police and judicial cooperation, asylum and migration.
For a more detailed overview, please see the WP29 press release here.