There’s a question about whether it’s coming quick enough, but the EU’s Article 29 Working Party appear to be on the role with their GDPR guidance.
They have recently published guidance for supervisory authorities (e.g. ICO) on fining and on Data Protection Impact Assessments (DPIA), plus are currently consulting on a couple of other pieces of guidance:
Anyone wishing to comment on these guidelines needs to pass their comments to the A29WP by 28th November.
Hopefully, this latest flurry is a sign of things to come with more and more guidance taking shape to help businesses understand the interpretations of some of the key areas of GDPR. We’d definitely like to see more from the ICO too – we’re still waiting for the ICO’s consent rules, which are promised in December on the back of the A29WP’s own consent guidance (which we’re still waiting for), plus the recent consultation on the controller-processor contractual requirements indicated the ICO are considering a range of other guidance.
Providing cost-effective, simple to understand and practical GDPR and ePrivacy advice and guidance, via my one-stop-shop helpline. I ❤️ GDPR