The European Data Protection Board recently published new Guidelines on the GDPR. Bitkom welcomes the opportunity to comment on these EDPB Guidelines 3/2018 on the territorial scope of the GDPR (Article 3).
Bitkom appreciates the Guidelines as they provide clarity and additional guidance to the, to some extent, unclear framework of the GDPR. The Guidelines address some important aspects of the territorial scope, Article 3 is explained in detail and with examples. The corresponding Recitals 22 to 25 are also referenced. The references made to existing case law of the Court of Justice of the European Union (CJEU) could reinforce legal certainty. To some extent, however, the explanations are unfortunately too superficial or overstretch the wording of the law. Furthermore, the references to existing case law should include a detailed assessment of the new wording of Article 3 and its compatibility with the previous cases and the legal framework they were based on.
We further elaborate on the relevant aspects in our Bitkom Position Paper on the EDPB Guidelines on the territorial scope of the GDPR (available here).