Cordery

Legal.Compliance.

Client Alert: WP29 & UK Data Protection Guidance & Consultation Update

Regulatory & Governmental Data Protection Guidance and Consultation Update

By way of brief update, a number of data protection guidance and consultation documents have been recently issued in connection with the EU General Data Protection Regulation (GDPR) as follows:

  • The EU’s WP29 has issued the finalised versions of guidance as regards: The Lead Supervisory Authority; Data Portability; and, Data Protection Officers, which can all be found here. The finalised guidance contains some important changes to the previous draft versions;
  • The EU’s WP29 has also issued guidance about Data Protection Impact Assessments and determining whether processing is likely to result in a high risk to the rights and freedoms of individuals, which can be found here. Comments about the guidance can be sent to the WP29 by 23 May 2017;
  •  The UK’s ICO has issued a consultation document about Profiling (and Automated Decision-Making), as set out under the GDPR, which can be found here. The ICO will submit its views on Profiling to the WP29 to feed into eventual guidance to be adopted in this area by WP29. Feedback about the consultation can be submitted to the ICO by 28 April;
  • The UK’s ICO also has an ongoing consultation about consent which it hopes to finalise by June 2017 (the deadline for the submission of comments to the ICO has expired) – the consultation document can be found here; and,
  • The UK government has issued a consultation document calling for views to be submitted to it as regards derogations that can be adopted under the GDPR, which can be found here. The GDPR will apply in the UK post-Brexit and the UK government plans to introduce legislation this year to ensure that there are no inconsistencies with the GDPR. The GDPR allows scope for derogations and so the UK government wants to hear from organisations what their views are about these derogations, and although the UK government has grouped these derogations into fourteen themed areas in the consultation document it has not set out its views on these derogations as such.

We have written FAQS and a Glossary about the EU General Data Protection Regulation which can be found here and here.

There is more information about this and other data protection topics in Cordery’s GDPR Navigator subscription service.  GDPR Navigator includes short films, straightforward guidance, checklists and regular conference calls to help you comply.  More details are here.

For more information please contact Jonathan Armstrong or André Bywater who are lawyers with Cordery in London where their focus is on compliance issues.

 

Jonathan Armstrong, Cordery, Lexis House, 30   Farringdon Street, London, EC4A 4HH André Bywater, Cordery, Lexis House, 30             Farringdon Street, London, EC4A 4HH
Office: +44 (0)207 075 1784 Office: +44 (0)207 075 1785
Jonathan.armstrong@corderycompliance.com Andre.bywater@corderycompliance.com
 

 

 

 

 

Contact a Cordery Specialist +44(0)207 118 2700 | Contact Us

Cordery is a trading name of Cordery Compliance Limited. Authorised and regulated by the Solicitors Regulation Authority.
SRA number 608187. Company number 07931532 registered in England and Wales. VAT number: 730859520
Registered office: Lexis House, 30 Farringdon Street, London, EC4A 4HH, United Kingdom

Cordery Compliance Limited trading as Cordery provides some products and services which are not regulated by the Solicitors Regulation Authority; we will clearly state this to you if this is the case.

We use the word “partner” to refer to a shareowner or director of the company, or an employee or consultant who is a lawyer with equivalent standing and qualifications.

Cordery is a registered trademark of RELX (UK) Limited, used under license. The Knowledge Burst logo is a registered trademark of Reed Elsevier Properties Inc., used under license.

Copyright © 2021 Cordery. All rights reserved.