Amendment LIBE #2348

Article 38+

Article 38a Promoting Self-Regulation 1. The Member States, the national and European supervisory authorities and the Commission shall encourage self- regulation instruments like binding corporate rules, code of conducts and certification or - in cases of companies which do not fall under the provision of Article 35 - the feature of the voluntarily designation of a data protection organisation or a data protection officer. 2. Single undertakings, multicorporate enterprises, industries, professional associations and other associations of every kind which represent specific groups of controllers or processors may submit drafts of the self-regulation instruments in paragraph 1. If the self- regulation instrument should only apply in a Member State the national supervisory authority in that Member State can be asked to confirm the compliance with this regulation. If the self-regulation instrument should apply in all Member States of the EU the European Data Protection Board can be asked to confirm the compliance with this Regulation. The national supervisory authority or the European Data Protection Board shall examine the compatibility of the submitted drafts with the applicable law on this data protection Regulation. If there is no reaction in a 3- month-period the self-regulation instrument is classified as in compliance with this Regulation. 3. If the self-regulation instrument provides an adequate proceeding in data protection issues of this Regulation, Article 14 (Information to the data subject), Article 28 (documentation), Article 33 (data protection impact assessment) and Article 34 (prior authorisation and prior consultation) shall not apply.

Current Data Privacy Rating is : weaker    Axel Voss Germany EPP


comments powered by Disqus