[GDPR] the WP29 & EDPB?

November 8, 2023

[GDPR] the WP29 & EDPB?

The Article 29 Working Party (WP29) is the predecessor to the European Data Protection Board (EDPB), which was established under the General Data Protection Regulation (GDPR). WP29 was an advisory body composed of representatives from the national data protection authorities of all EU member states, as well as the European Data Protection Supervisor. Its primary role was to provide guidance and recommendations on the interpretation and application of the EU Data Protection Directive and other data protection laws.

One of the main differences between WP29 and EDPB is the legal basis for their establishment. WP29 was established under the EU Data Protection Directive, which was repealed and replaced by the GDPR in May 2018. EDPB, on the other hand, was established under the GDPR and is responsible for ensuring consistent application of the regulation throughout the EU.

Another key difference between WP29 and EDPB is the scope of their responsibilities. While WP29 was primarily focused on providing guidance and recommendations on the interpretation and application of the EU Data Protection Directive, EDPB has a broader mandate under the GDPR. In addition to providing guidance and recommendations, EDPB is responsible for promoting cooperation and consistency among national data protection authorities, developing and maintaining a list of processing activities that require a data protection impact assessment (DPIA), reviewing and issuing opinions on draft codes of conduct, certification mechanisms, and other guidelines related to data protection, and monitoring the implementation of the GDPR.

Overall, while WP29 and EDPB share some similarities in terms of their composition and focus on data protection, EDPB has a broader mandate and a stronger legal basis for its establishment. As the primary body responsible for ensuring consistent application of the GDPR throughout the EU, EDPB plays a critical role in protecting individuals’ privacy rights and promoting responsible data handling practices across the EU.


Privacy Compliance

VIETNAM AI HANDBOOK – SECOND EDITION

Vietnam AI Handbook – Second Edition In January 2024, PrivacyCompliance published the first version of the AI Handbook which was received warmly by the AI community and the general public. Since then, there have been many developments in the AI scene around the world such as new AI applications, and new regulations, with the most […]

Learn more

Privacy Compliance

Layered Notice – A Robust Demonstration Of Transparency

Layered Notice – A Robust Demonstration Of Transparency One of the fundamental principles for Personal Data Controllers is the unwavering commitment to transparency vis-à-vis data subjects. In their pursuit to address this requirement, Controllers have opted to issue lengthy Privacy Notices, aiming for comprehensive disclosure to relevant data subjects. However, the question arises: Does this […]

Learn more

Privacy Compliance

THE FIRST AI HANDBOOK IN VIETNAM

The First AI Handbook in Vietnam Dear Colleagues, Partners, and Friends, Mindful of the significant advancements in artificial intelligence (AI) in recent times, Privacy Compliance has undertaken a project aimed at updating our clientele, partners, and the general public on the prevailing state of AI globally and, more specifically, in Vietnam. With great pride, we […]

Learn more