Spain's data protection authority, the Agencia Española de Protección de Datos, issued guidelines to aid public administrations' data protection impact assessments on proposed legislation. The AEPD stated DPIAs in the public sector need to occur "from the design of the standards," while outlining the criteria for execution of assessments and analysis of results.