The Article 29 Working Party (WP29) is the predecessor to the European Data Protection Board (EDPB), which was established under the General Data Protection Regulation (GDPR). WP29 was an advisory body composed of representatives from the national data protection authorities of all EU member states, as well as the European Data Protection Supervisor. Its primary role was to provide guidance and recommendations on the interpretation and application of the EU Data Protection Directive and other data protection laws.
One of the main differences between WP29 and EDPB is the legal basis for their establishment. WP29 was established under the EU Data Protection Directive, which was repealed and replaced by the GDPR in May 2018. EDPB, on the other hand, was established under the GDPR and is responsible for ensuring consistent application of the regulation throughout the EU.
Another key difference between WP29 and EDPB is the scope of their responsibilities. While WP29 was primarily focused on providing guidance and recommendations on the interpretation and application of the EU Data Protection Directive, EDPB has a broader mandate under the GDPR. In addition to providing guidance and recommendations, EDPB is responsible for promoting cooperation and consistency among national data protection authorities, developing and maintaining a list of processing activities that require a data protection impact assessment (DPIA), reviewing and issuing opinions on draft codes of conduct, certification mechanisms, and other guidelines related to data protection, and monitoring the implementation of the GDPR.
Overall, while WP29 and EDPB share some similarities in terms of their composition and focus on data protection, EDPB has a broader mandate and a stronger legal basis for its establishment. As the primary body responsible for ensuring consistent application of the GDPR throughout the EU, EDPB plays a critical role in protecting individuals’ privacy rights and promoting responsible data handling practices across the EU.
Layered Notice – A Robust Demonstration Of Transparency
One of the fundamental principles for Personal Data Controllers is the unwavering commitment to transparency vis-à-vis data subjects. In their pursuit to address this requirement, Controllers have opted to issue lengthy Privacy Notices, aiming for comprehensive disclosure to relevant data subjects. However, the question arises: Does this approach represent the most optimal method to guarantee […]
Learn more
Introduction to gdpr
KEY TAKEAWAYS: – GDPR is the EU’s current personal data protection regulation and the global standard in the field of data protection; – Predecessors of GDPR include the OECD’s 1980 Privacy Guidelines and the 1995 Directive 95/46/EC ; – GDPR stipulates many concepts and regulations regarding data protection such as the definitions, rights and responsibilities […]
Learn more
Introduction to china personal information protection law (pipl)
What is the PIPL? The Personal Information Protection Law of the People’s Republic of China is a particular law enacted for the purposes of protecting the rights and interests on personal information, regulating personal information processing activities, and promoting reasonable use of personal information (Art.1). When did the PIPL take effect? The PIPL entered into force […]
Learn more