Articles

GDPR is effective: Will GDPR guidelines from national authorities be binding?

Stibbe - Will GDPR guidelines from national authorities be binding?

GDPR is effective: Will GDPR guidelines from national authorities be binding?

31.05.2018 EU law

GDPR is now fully effective. Preparing your company for the application of this new regulation requires a correct understanding of its principles. We highlighted a series of 12 common misconceptions regarding the interpretation of the GDPR.

Will GDPR guidelines from national authorities be binding?

Doubts exist as to the binding effects of guidelines issued by the different national authorities that further elaborate the different aspects of the GDPR. This could lead to potentially contradictory instructions for multinational corporate groups that have subsidiaries in different Member States where the corresponding data protection authorities could have issued differing guidelines on the application of a same provision of the GDPR.

In that respect, the interpretation adopted by a national authority on specific provisions of the GDPR will only be binding for those companies (or groups of companies) whose “main establishment” (i.e., the place where decisions on data processing are taken in the European Union) is located in the territory of the country in question.

In any event, and as a general rule under the GDPR, the European Data Protection Committee holds an ultimate power to interpret any provision on a number of subject matters listed in Article 70 (including, for example, those related to profiling, notification of security breaches, international data transfers, or sanctions).

 

Stibbe, together with Chiomenti, Cuatrecasas, GIDE and Gleiss Lutz, have gathered this useful information, reflecting some common misconceptions about the implementation of the GDPR.

Team

Related news

01.06.2022 BE law
Digital Law Up(to)date: The confidentiality of letters would become the confidentiality of private communications

Articles - The Belgian Parliament published a proposal to amend article 29 of the Belgian Constitution (see here). The provision now states that the “confidentiality of letters is inviolable”. If the proposal is adopted, article 29 should read as follows: “The confidentiality of private communications is inviolable, except in the cases and conditions established by law”.

Read more