Print this page | Send this page


New rules from 2018

Parliament approves data protection reform


New EU data protection rules which aim to give citizens back control of their personal data and create a high, uniform level of data protection across the EU fit for the digital era was given their final approval by MEPs on Thursday. The reform also sets minimum standards on use of data for policing and judicial purposes. Parliament's vote ends more than four years of work on a complete overhaul of EU data protection rules. The regulation will enter into force 20 days after its publication in the EU Official Journal. Its provisions will be directly applicable in all member states two years after this date. Member states will have two years to transpose the provisions of the directive into national law.
Read more

Transfer of personal data from the EU to the US

Opinion of the WP29 on the EU – U.S. Privacy Shield draft adequacy decision


Overall, the Working Party welcomes the significant improvements brought by the Privacy Shield compared to the Safe Harbour decision. In particular, the insertion of key definitions, the mechanisms set up to ensure the oversight of the Privacy Shield list and the now mandatory external and internal reviews of compliance are a positive step forward. However, the Working Party has strong concerns on both the commercial aspects and the access by public authorities to data transferred under the Privacy Shield.
Read more


On 2-3 February 2016, the Article 29 Working Party (WP29) met to discuss the consequences of the CJEU judgment in the Schrems case for international transfers. The WP29 welcomes the fact of the conclusion of the negotiations between the EU and the U.S. on the introduction of a "EU-U.S. Privacy Shield", which meets the deadline set by the WP29 in its statement of 16 October. It looks forward to receive the relevant documents in order to know precisely the content and the legal bindingness of the arrangement and to assess whether it can answer the wider concerns raised by Schrems judgment as regards international transfers of personal data.
Read more

New European data protection regulation

More rights for your personal data


To celebrate Data Protection Day, the Article 29 Working Party created an infographic presenting the new general data protection regulation. After 4 years of discussions at the European Union level, a final draft of the regulation has been released. It is expected to help Europe face the challenges of the digital age. The regulation will strengthen the citizens' rights to provide them with real control over their personal data. It will offer an unified framework for companies and simplify the prior notification. The regulation will be formally ratified in early 2016 and will come into force in 2018 in all EU countries.
Read more


The National Commission for Data Protection wishes you a Merry Christmas and a Happy New Year.
Read more


Following the landmark ruling of the Court of Justice of the European Union (CJEU) of 6 October 2015 in the Maximilian Schrems v Data Protection Commissioner case (C-362-14), the EU data protection authorities assembled in the Article 29 Working Party have discussed the first consequences to be drawn at European and national level. EU data protection authorities consider that it is absolutely essential to have a robust, collective and common position on the implementation of the judgment. Moreover, the Working Party will observe closely the developments of the pending procedures before the Irish High Court.
Read more

All news



National Commission for Data Protection

1, avenue du Rock’n’Roll
L-4361 Esch-sur-Alzette

Tel.: (+352) 26 10 60-1
Fax: (+352) 26 10 60-29

E-mail contact


Publication: surveillance in the workplace



Agenda / Key dates

  • 14-07-2016
    Training "Data protection" - Ecole Supérieure du Travail (EST) - in Remich

Recent opinions


Article 29 Working Party


Handbook on European data protection law



Introduction to data protection

The 10 commandments of data protection

Data protection: What is it about?


Public register






Data security

Data security