Europe: Working Party Consults on Profiling and Data Breach Notification under GDPR

On October 16, 2017 the Article 29 Working Party published guidelines on automated individual decision-making and profiling for the purposes of Regulation 2016/679 and guidelines on personal data breach notification under Regulation 2016/679.

The General Data Protection Regulation (GDPR) defines profiling in Article 4(4) as: "Any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements."

Profiling is composed of three elements:  

To continue reading please log in or request a demo to speak to a member of the team.