CIPL White Papers

CIPL GDPR Implementation Project White Papers

Regulating for Results Paper - Regulating for Results: Strategies and Priorities for Leadership and Engagement
September 25, 2017 (Updated on October 10, 2017)

ePrivacy Paper - Comments on the Proposal for an ePrivacy Regulation
September 11, 2017

WP29 DPIA Comments - Comments by the Centre for Information Policy Leadership on the Article 29 Data Protection Working Party’s “Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is ‘likely to result in a high risk’ for the purposes of Regulation 2016/679” adopted on 4 April 2017
May 19, 2017

Transparency, Consent and Legitimate Interest Paper - Recommendations for Implementing Transparency, Consent and Legitimate Interest under the GDPR
May 19, 2017

GDPR Workshop III Key Takeaways - CIPL Madrid Workshop Key Takeaways
April 27, 2017

GDPR Implementation Challenges Summary Document - GDPR Implementation Challenges: A Summary of CIPL GDPR Project Participants’ Feedback
April 27, 2017

Legitimate Interest Paper - CIPL Examples of Legitimate Interest Grounds for Processing of Personal Data
April 27, 2017

Certifications Paper - Certifications, Seals and Marks under the GDPR and Their Roles as Accountability Tools and Cross-Border Data Transfer Mechanisms
April 12, 2017

WP29 LSA Comments - Comments by the Centre for Information Policy Leadership on the Article 29 Data Protection Working Party’s “Guidelines for identifying a controller or processor’s lead supervisory authority” adopted on 13 December 2016
February 15, 2017

WP29 Data Portability Comments - Comments by the Centre for Information Policy Leadership on the Article 29 Data Protection Working Party’s “Guidelines on the right to data portability” adopted on 13 December 2016
February 15, 2017

WP29 DPO Comments - Comments by the Centre for Information Policy Leadership on the Article 29 Data Protection Working Party’s “Guidelines on Data Protection Officers (DPOs)” adopted on 13 December 2016
January 24, 2017

Risk Paper - Risk, High Risk, Risk Assessments and Data Protection Impact Assessments under the GDPR
December 21, 2016

OSS Paper - The One-Stop-Shop and the Lead DPA as Co-operation Mechanisms in the GDPR
November 30, 2016

DPO Paper - Ensuring the Effectiveness and Strategic Role of the Data Protection Officer under the General Data Protection Regulation
November 17, 2016

Workshop II Report - The Role of the Data Protection Officer (DPO) and Risk and High Risk under the GDPR
October 5, 2016

Workshop I Report - Implementing and and Interpreting the GDPR: Challenges and Opportunities
May 6, 2016

Reframing Data Transparency

Reframing Data Transparency
October 2016

Protecting Privacy in a World of Big Data

Paper 3: Reinvigorating Privacy Principles
(Forthcoming)

Paper 2: The Role of Risk Management
February 16, 2016

Executive Summary: Three Solutions for Protecting Privacy in a World of Big Data
December 2015

Paper 1: The Role of Enhanced Accountability in Creating a Sustainable Data-Driven Economy and Information Society
October 21, 2015

Cross-Border Data Transfer Mechanisms

Essential Legislative Approaches for Enabling Cross-Border Data Transfers in a Global Economy*
25 September 2017

Cross-Border Data Transfer Mechanisms
August 20, 2015

*This paper is an updated version of the August 2015 Cross-Border Data Transfer Mechanisms paper, which was submitted in response to the Indonesian Ministry of Communications and Information Technologies’ request for public comments concerning its Draft Regulation on the Protection of Personal Data in Electronic Systems.