The purpose of this paper is to:
- Inform the EU DPAs and the Article 29 Working Party as they consider the provisions of the GDPR on criteria to define the lead DPA and the co-operation among DPAs in the context of the OSS and the lead DPA.
- Signal any practical challenges in implementing these provisions from the perspective of controllers and processors.
- Suggest areas for further clarification in the forthcoming guidance from WP29.
Download the Paper
Download NowMore like this
March 2026
Mapping Updated Global CBPR and Global PRP Systems’ Program Requirements to the GDPR
Find out more
April 2025
Key Takeaways: GDPR Procedural Regulation – One Year Later – Where Are We Now?
Find out more
May 2024
The GDPR’s First Six Years: Positive Impacts, Remaining Implementation Challenges, and Recommendations for Improvement
Find out more
December 2021
Bridging the DMA and the GDPR – CIPL Comments on the Data Protection Implications of the Draft Digital Markets Act
Find out more
September 2021
GDPR Enforcement Cooperation and the One-Stop-Shop – Learning from the First Three Years
Find out more
July 2021
How the “Legitimate Interests” Ground for Processing Enables Responsible Data Use and Innovation
Find out more
September 2020
A Path Forward for International Data Transfers under the GDPR after the CJEU Schrems II Decision
Find out more
July 2020
