Privacy & Information Security Law Blog

On March 6 and 7, 2017, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP and over 100 public and private sector participants in CIPL’s GDPR Implementation Project will convene in Madrid, Spain, for CIPL’s third major GDPR implementation workshop.

The all-day workshop on March 7, titled “GDPR Implementation: Status, Key Challenges, and Understanding the Core Principles of Transparency, Consent and Legitimate Interest,” will be co-hosted by the Spanish Data Protection Authority. The agenda will focus on four key areas:

• member states’ and regulators’ ongoing activities, priorities and progress in implementing the GDPR;
• the most significant challenges industry is facing in becoming GDPR compliant by May 2018;
• how to make the GDPR’s transparency requirement user-centric and meaningful so that it enables broad, accountable and trusted data uses; and
• how to use consent, legitimate interest and other grounds for processing personal data under the GDPR in the context of the modern information ecosystem.

On March 6, CIPL will hold a special pre-workshop session with Bruno Gencarelli, Head of Unit, International Data Flows and Protection, European Commission, to discuss the communication sent from the European Commission to the European Parliament and the Council on Exchanging and Protecting Personal Data in a Globalized World. The communication set forth the European Commission’s policy priorities and proposed action items with respect to cross-border data flows, relevant transfer and governance mechanisms, and global interoperability. The purpose of the pre-workshop session is to allow stakeholders to provide specific feedback to the European Commission regarding the communication.

The event in Madrid is part of CIPL’s ongoing GDPR Implementation Project, which aims to address the need for a constructive and expert dialogue between industry, regulators and key policymakers with the following specific objectives:

• facilitating consistent interpretations of the GDPR across the EU;
• informing and advancing constructive and forward-thinking interpretations of key GDPR requirements;
• facilitating consistency in the further implementation of the GDPR by EU Member States, the European Commission and the European Data Protection Board;
• examining best practices and challenges in the implementation of key GDPR requirements;
• sharing industry experiences and views to benchmark, coordinate and streamline the implementation of new compliance measures; and
• examining how the new GDPR requirements should be interpreted and implemented to advance the European Digital Single Market strategy and data-driven innovation, while protecting individuals’ privacy and respecting the fundamental right to data protection.

This multi-year project includes stakeholder workshops, roundtables, working sessions, white papers, webinars and public consultations.