The General Data Protection Regulation (“GDPR”), due to come into force in May 2018, provides for a new framework in data privacy matters in the European Union, which will have a wide-ranging impact on business around the world. (For previous coverage, please see our December 2015 Legal Update.)

During its December plenary meeting, the Article 29 Working Party (“WP29”), the working group composed of the 28 data protection authorities and EU officials, adopted guidelines in the following areas:

They were publicly released on December 16, 2016.

Continue reading.