Sent to subscribers in January 2018
Supplement #25 to our two-volume treatise Global Privacy and Security Lawreflects a period of significant transition in the European Union and European Economic Area where the Member States are still working on integrating the EU General Data Protection Regulation (GDPR) into their laws. Few countries have published any tangible information about their views on the transition to the new regime under the GDPR.
The Article 29 Working Party has been prolific and has published several guidelines, which are detailed in Chapter 6A. The Article 29 Working Party has already published Guidelines on Data Protection Officers, Data Portability, Lead Supervisory Authority, Data Protection Impact Assessments, and Administrative Fines. It has also published, for consultation, Guidelines on Data Security Breach and Guidelines on Automated Decision-Making and Profiling. Guidelines on the concept of consent, and cross border data transfers are expected to be published by the end of 2017 or early 2018.
The Asia Pacific Region, China continues to make made significant changes to its laws governing the protection of personal information.
The global privacy and security framework keeps evolving. The effect of the EU General Data Protection is clear. Countries outside the EU/EEA block, such Switzerland are looking at potential changes to their own data protection framework are looking at the challenges posed by the EU General Data Protection Regulation, and exploring how to keep up with the changes to the data protection framework that the GDPR is bringing.