WP29 issues guidelines on compliant privacy statement

Back to articles

8 October, 2014

The Article 29 Working Party (WP29), the European collaboration of data protection authorities, has developed several guidelines to help Google update its privacy policy and thereby meet its obligations regarding European and national data protection laws. Although the guidelines were established with Google in mind, the suggestions might also apply to other companies that process data on a large scale. WP29 is currently also considering issuing guidance on specific issues to the entire industry at a later stage.

Google’s privacy policy has been the object of much scrutiny after the 2012 investigation into its compliance with European Data Protection legislation. Further investigation by national data protection authorities showed that Google’s privacy policy still does not meet the requirements set by national data protection legislation. WP29 has now decided to give Google some suggestions (or guidelines), to help the company in its efforts to comply with the aforementioned requirements.

These guidelines include a list of requirements that Google should meet regarding data protection, along with possible measures to achieve these results, in order to achieve compliance. These measures range from increasing the visibility of Google’s privacy policy to acquiring unambiguous consent from the data subject to use his or her personal data and offering a very personalized privacy policy. Although guidelines issued by the WP29 are not binding, it is recommended to take their suggestions to heart.

Nevertheless, Google is not the only company struggling with its privacy policy. The Dutch Consumers’ Association recently commissioned a report on the privacy policies that apply to the use of certain smart TVs. Considerati was asked to conduct the research and concluded that most of these policies do not comply with national legislation while at the same time being mostly incomprehensible to the general public. (The report written in Dutch is available for download here.)

With the upcoming Data Protection Regulation it will become obligatory for any company to have a transparent and comprehensible privacy policy. By following the WP29 guidelines you can definitely increase the chance of your privacy policy being compliant with EU legislation. Considerati can help you increase your compliance with Data Protection Legislation by identifying blind spots regarding privacy in your organisation. For more information on how to draft a comprehensible privacy statement, check out our whitepaper (in Dutch.)

Feel free to contact our experts to learn how we can help your organisation increase its privacy compliance.

, ,

Jonathan Toornstra

Legal Consultant

Related blogs

Will the European Data Protection Regulation protect us from spying?

During the past few months we have heard shocking revelation after shocking revelation about...

Read more

Employees more aware of risks relating to BYOD than their employers

More and more employees take their own, privately owned devices with them to their workplace and...

Read more

Like to be emailed about Considerati news?

Then subscribe to the Considerati Newsletter! See our privacy statement.