Last October, the Article 29 Working Party issued guidelines for review on breach notification under the EU General Data Protection Regulation. In one response, the Centre for Information Policy Leadership asked privacy veteran Joanne McNabb, CIPP/G, CIPP/US, CIPT, "to review the draft Guidelines and prepare a written response on behalf of CIPL, incorporating the views of staff and member companies," she explains. "I submitted comments to CIPL and was pleased to see that many of our recommendations (and presumably, many similar suggestions of other commenters) were reflected in the final Guidelines." In this post for Privacy Perspectives, McNabb, who may have written the first-ever breach notification letter back in 2002, describes and applauds the changes that were made between the draft and final WP29 guidelines, though, she warns, "some problematic issues" remain unchanged.
If you want to comment on this post, you need to login.