---
title: "EU Data Protection Authority Issues GDPR Action Plan, Swiss Sign Privacy Deal with U.S."
date: 2017-02-06T07:21:40-05:00
author: Import Bot
canonical_url: "https://www.kelleydrye.com/viewpoints/blogs/ad-law-access/eu-data-protection-authority-issues-gdpr-action-plan-swiss-sign-privacy-deal-with-u-s"
section: Blog Posts
---
# EU Data Protection Authority Issues GDPR Action Plan, Swiss Sign Privacy Deal with U.S.

  February 6, 2017

 

 

 

 

 

 

On January 16, 2017, the Article 29 Working Party (“Working Party”)—the EU’s central data protection advisory board—published a press release regarding its [Action Plan for 2017](http://ec.europa.eu/newsroom/document.cfm?doc_id=41387), which was adopted as part of its wider implementation strategy for the General Data Protection Regulation (“GDPR”). The Action Plan follows up on the actions initiated in 2016 and outlines the priorities and objectives for the year to come in anticipation of the entry into force of the GDPR in May 2018.

**In 2017, the Working Party commits to continue and/or finalize work on several key issues:

- Guidelines on certification and processing likely to result in a high risk and Data Protection Impact Assessments (“DPIA”);
- Administrative fines;
- Setting up the administration of the European Data Protection Board (“EDPB”) structure; and
- Preparation of the one-stop shop and the EDPB consistency mechanism.

**New work priorities and objectives for 2017 include:** - Guidelines on the topics of consent and profiling;
- Guidelines on the issue of transparency; and
- Update of existing opinions and guidance documents on data transfers to third countries and data breach notifications.

Moreover, the Working Party commits to continue consultation rounds and will invite relevant stakeholders to provide input on topics of interest. During a ​“Fablab” workshop announced for April 5 and 6, stakeholders will have the opportunity to comment on the Working Party’s Action Plan. Non-EU counterparts will have an opportunity to exchange views on the Working Party’s GDPR implementation and the GDPR generally during an interactive workshop scheduled for May 18 -19, 2017. \* \* \*

In other data protection news, on January 11, 2017 the U.S. and Switzerland signed a Privacy Shield Agreement recognizing the adequacy of U.S. data protection legislation in light of Swiss requirements. Months earlier, on October 7, 2015, the Swiss Data Protection Commission stated that it would follow the Court of Justice of the European Union’s invalidation of the U.S. – EU Safe Harbor framework, and hence, a new framework was required. Resembling the EU – U.S. Privacy Shield, the new Swiss – U.S. agreement enables certified companies to export data from Switzerland to the U.S. in compliance with Swiss data protection laws. There are three notable differences between the EU –U.S. and Swiss – U.S. Privacy Shield frameworks: **EU – U.S.** **Privacy Shield****Swiss – U.S.** **Privacy Shield**EU Data Protection Authority is cooperation and compliance authoritySwiss Federal Data Protection and Information Commissioner is cooperation and compliance authoritySensitive data definition under Choice PrincipleModified sensitive data definition under Choice Principle includes ideological or trade union-related views or activities, information on social security measures or administrative or criminal proceedings and sanctions, which are treated outside pending proceedingsBinding arbitration option in placeCommerce to work with Swiss Government to put in place binding arbitration option at first annual review

The new agreement replaces the existing U.S. – Swiss Safe Harbor Framework with immediate effect. The Department of Commence will begin accepting self-certification applications on April 12, 2017.

 

 **Tags:** [Article 29](https://www.kelleydrye.com/viewpoints/blogs/ad-law-access/tags/article-29), [Data Protection](https://www.kelleydrye.com/viewpoints/blogs/ad-law-access/tags/data-protection), [European Union](https://www.kelleydrye.com/viewpoints/blogs/ad-law-access/tags/european-union), [General Data Protection Regulation](https://www.kelleydrye.com/viewpoints/blogs/ad-law-access/tags/general-data-protection-regulation), [Privacy Shield](https://www.kelleydrye.com/viewpoints/blogs/ad-law-access/tags/privacy-shield), [Swiss Safe Harbor Framework](https://www.kelleydrye.com/viewpoints/blogs/ad-law-access/tags/swiss-safe-harbor-framework)

 

 - Share this entry 
    - 
    - 
    - 
    -
- [  View entry pdf ](https://s3.amazonaws.com/cdn.kelleydrye.com/content/uploads/pdf-snapshots/eu-data-protection-authority-issues-gdpr-action-plan-swiss-sign-privacy-deal-with-u-s-20251009111034.pdf)
 
 

### Search Blog

  

### Subscribe

  

### Explore Topics

- [International Privacy](https://www.kelleydrye.com/viewpoints/blogs/ad-law-access/international-privacy)
- [Legislative and Regulatory Developments](https://www.kelleydrye.com/viewpoints/blogs/ad-law-access/legislative-and-regulatory-developments)
- [Privacy Practices](https://www.kelleydrye.com/viewpoints/blogs/ad-law-access/privacy-practices)
- [Privacy and Information Security](https://www.kelleydrye.com/viewpoints/blogs/ad-law-access/privacy-and-information-security)
 
 

### Related Services

- [Advertising and Marketing](https://www.kelleydrye.com/practices/advertising-and-marketing)
