On 25 May, 2018, the General Data Protection Regulation (“GDPR”) will become applicable, bringing significant changes to data protection rules across the European Economic Area (EEA). With the adoption of the GDPR, the EU recognizes the importance of harmonizing European data protection laws, in order to facilitate cross-border commerce.
There is significant activity at the EU and Member State level, including rulemaking (the GDPR requires implementation and allows Member States to legislate on specific issues), issuing of guidance, and adopting codes of conduct and certification schemes.
AmCham EU’s members take GDPR compliance seriously, and are now working to implement the upcoming rules. In that context, AmCham EU has developed the following recommendations for data protection authorities (DPAs), the European Data Protection Board (EDPB), and Member States to consider as they develop guidance and policies on the GDPR.
Our recommendations address seven specific aspects of the GDPR with the aim ensuring a uniform and balanced application across Europe: (i) the one-stop shop; (ii) high-risk processing / data protection impact assessments (DPIAs); (iii) personal data breaches and notification; (iv) approved codes of conduct and certification; (v) data portability; (vi) sanctions; and (vii) data protection officers (DPOs).
9th January 2023
5th January 2023
7th February 2023
31st October 2022
27th January 2023
9th March 2023
28th February 2023
20th February 2023