What will the new European Data Protection Board mean for companies?



The EU Data Protection Authorities have published their Article 29 DP Working Party programme. It highlights the level of cooperation needed and the importance of the European Data Protection Board (EDPB) which will replace the Article 29 DP Working Party under the EU Data Protection General Regulation (GDPR).

The DPAs are to set up an EDPB task force to ensure that the Board will be ready to function from day one of the new regime. The secretariat will be provided by the EU Data Protection Supervisor (EDPS) “under the instructions” of the Chair of the EDPB. The secretariat will have an important role in administering the One-Stop-Shop and the consistency mechanism. These developments are also important for companies when they need to designate a lead Data Protection Authority to resolve data protection issues involving more than one EU Member State.

The Board will issue guidance for controllers and processors – for example, on the data portability right, Data Protection Impact Assessments, certifications, and the role of Data Protection Officers.

The DPAs say that their action plan will be reviewed periodically and the Article 29 DP Working Party will regularly consult business representatives and civil society representatives on their views regarding implementation of the GPDR.

Learn more about the role of the European Data Protection Supervisor in GDPR enforcement and compliance at PL&B’s Roundtable with the EDPS and seven of his top team in Brussels on 9 March.


See the DPAs’ statement at http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2016/wp236_en.pdf