The Article 29 Working Party (WP29) has released its Action Plan for 2017, setting out its priorities and objectives in the context of implementation of the EU GDPR for the year ahead. It has committed to finalize its work on topics undertaken in 2016 including guidelines on:

  • Certification;
  • Processing likely to result in a high risk & Data Protection Impact Assessments (DPIAs);
  • Administrative fines;
  • Setting up the European Data Protection Board (EDPB) structure;
  • Preparation of the one stop shop, and
  • The EDPB consistency mechanism.

The WP29 also intends to start work in 2017 on guidelines on:

  • Consent;
  • Profiling, and
  • Transparency.

At the same time, the WP29 intends to work on the update of already existing opinions and referentials on data transfers to third countries and data breach notifications.

Last December 2016, the WP29 also issued on data portability, lead authority, and Data Protection Officers.  See our blog for more information.