Following on from the Article 29 Working Party’s Opinion in June, the European Data Protection Supervisor (EDPS) has now published his own recommendations for the proposed General Data Protection Regulation (GDPR). Unsurprisingly, given that the EDPS is a member of the Working Party, the views expressed are in line with that Opinion. At this point you may be tempted to … Continue Reading
Grounds for processing
Under the Data Protection Directive, each instance of data processing requires a legal justification – a “ground for processing”. This fundamental feature of EU data protection law remains unchanged under the draft Regulation. However, the bar for showing the existence of certain grounds for processing will be set higher, particularly in relation to consent.
Stringent and uncertain … Continue Reading
What difference does a Regulation make?
Unlike EU ‘directives’, EU ‘regulations’ are by nature directly effective in EU Member States and so do not require further implementation into national laws. Previously, European data protection law was governed by the Data Protection Directive. It was the responsibility of Member States to implement the Data Protection Directive into their national law. When … Continue Reading