On 2 September 2020, the European Data Protection Board (“EDPB”) published new Guidelines 07/2020 (“Guidelines”) for public consultation on the concepts of controller and processor under the European General Data Protection Regulation (“GDPR”). Once finalised, the Guidelines will replace the previous Working Party 29 Opinion 1/2010 (WP169), upon which
The European General Data Protection Regulation (“GDPR”) entered in force on May 25, 2018 (“GDPR Day”). The GDPR sets forth a new regime for the protection of personal data in the European Union (“EU”). We briefly discuss below five things that general counsel should know about the GDPR, including lessons learned since GDPR Day.