Konstantin Tiazhelnikov

Konstantin Tiazhelnikov

in Blog

Worrying tendency? EDPB issued Guidelines 01/2021 on Examples regarding Data Breach Notifications

By itself, the document is indeed useful and can be of help, as it provides an overview of 18 data breach scenarios and additionally compiles recommendations on TOMs for preventing / mitigating the impact of attacks or risk sources.

But stop! Guidelines on Examples? Guidelines, strictly speaking, like a gleaming beacon in the dark, must give readers a clear methodology on how to tackle practical issues. Guidelines cannot just outline examples of some cases; otherwise, those are not guidelines but a handbook of case studies (or whatever).

What it more, this might be a new trend in logic of how the EBPD Guidelines will be drafted. Recently, in Guidelines 07/2020 ‘On the concepts of controller and processor in GDPR', EDPB has demonstrated the same approach and (not only but mostly) provided for examples, instead of a clear methodology of how to spot the parties identifying means and purposes in complex scenarios.

Now in Guidelines 01/2021 - here we go again. 

Karen Lawrence Öqvist
Karen Lawrence Öqvist
It sounds like an interesting tendency @Konstantin Tiazhelnikov :)
Konstantin Tiazhelnikov
Konstantin Tiazhelnikov
@Karen Lawrence Öqvist i received two comments so far to this article at LinkedIn, guys seem to disagree with my concerns😆
Karen Lawrence Öqvist
Karen Lawrence Öqvist
@Konstantin Tiazhelnikov I don’t believe case studies can replace Guidelines, they should complement them. Anyhow, now I’m pretty interested to read these guide...

Konstantin Tiazhelnikov
Konstantin Tiazhelnikov
@Karen Lawrence Öqvist I knew you would not leave me alone, Karen😂😂 happy reading, let me know then what you think) maybe I am crazy and EDPB does all right)
Do you want to read more like this? Hit subscribe. It’s FREE!