On 15 December 2016, the Article 29 Working Party (WP29) issued guidelines and FAQs on the provisions in the General Data Protection Regulation (the GDPR) relating to data portability (Guidelines / FAQs), data protection officers (Guidelines / FAQs), and the lead supervisory authority (Guidelines / FAQs). WP29 will accept comments on these guidelines until the end of January 2017.

The Article 29 Working Party (WP29) has issued an opinion on the evaluation and review of Directive 2002/58/EC (the ePrivacy Directive). In its opinion, WP29 notes the need for a thorough revision of the rules in the ePrivacy Directive to take into account the technological developments in the digital market and the recent adoption of the General Data Protection Regulation (the GDPR).

Introduction

Since 2002, the ePrivacy Directive has provided a set of security and privacy measures to be applied specifically in the context of electronic communications in the EU. These measures were laid down to “particularise and complement” the Data Protection Directive 95/46/EC.

In its opinion dated July 19, 2016, WP29 notes the need for the ePrivacy Directive to be reviewed and for a new legal instrument that is consistent across the EU, which supplements and complements the obligations of the GDPR, and which is broad enough to cover the wide range of electronic communications services that exist today.

On February 3, 2016, the Article 29 Working Party (WP29) released a statement on the consequences of the Schrems judgment, following an assessment of the legal framework and the practices of US intelligence services. The WP29 expressed continuing concerns about the US framework for processing personal data for intelligence purposes, in spite of recent reforms.