The Article 29 Working Party issued three sets of guidelines just before Christmas on the GDPR requirements for data protection officers, the data portability right and on how to determine the lead supervisory authority. This is the first substantive Article 29 working party GDPR guidance and makes for sobering reading.
This session will include:
- A brief recap of the GDPR requirements in relation to each of the three topics.
- An analysis of the key developments in the guidance including the attributes a DPO must have, what data “provided by the data subject” means and how useful or useless the one stop shop is going to be in practice.
- Ample time for participants to discuss how these changes will affect their GDPR implementations in a Chatham House rule setting.
08:30 - 09:00: Registration and breakfast
09:00 - 11:00: GDPR Clinic: Unpacking the Christmas guidance (DPOs, portability & main establishment)