It’s finally open: public consultation by the European Commission on the GDPR. Privacy campaigners will be sure to respond – but will controllers & processors?
This is your chance to submit comments on what works and what doesn’t.
Whether you see weaknesses in the way in which the DPO role is structured (I know this is a difficult point for smaller organisations), the issue of whether data transfer impact assessments are needed for hypothetical transfers or the continuing lack of harmonisation of certain regulatory positions, you now have the floor.
The explanatory document includes a link to a questionnaire that can be used as inspiration as to the topics that can be covered.
The only GDPR section to be explicitly excluded is Chapter VII on the cooperation and consistency mechanism between national data protection authorities. [To be honest, I think this is a pity, as the proposed changes to enforcement do not tackle all issues that we have noticed in that respect.]
Reach out to your industry bodies and get them to take part – or feel free to reach out to us if you are looking for a buffer (for anonymised feedback) or simply an advisor.
Deadline for comments: 8 February 2024.
Link to the call for evidence: https://lnkd.in/diqdPfsa
Link to the example questionnaire (for inspiration): https://lnkd.in/ewDpB4Fj
data protection privacy
Did this analysis get you thinking? Reach out!
DataLaws.net is entirely open-access, and instead of getting your data in exchange for this content, how about another trade? If this commentary saved you research time or sparked an idea, feel free to invite me over for tea, chai or a hot chocolate next time you are around Brussels or Antwerp - or invite me over to your offices for a chat!
Get in touch ↗ Let's connect on LinkedIn ↗