Duties of the Committee
The Committee shall ensure the consistent application of this Regulation. To this end, the Committee, on its own initiative or, where appropriate, at the request of the Commission, shall in particular do the following:
monitor and ensure the correct application of this Regulation in the cases referred to in Articles 64 and 65, without prejudice to the tasks of national supervisory authorities;
advise the Commission on matters relating to the protection of personal data in the Union, including any proposed amendments to this regulation;
Advise the Commission on the mechanism and procedures for the exchange of information regarding binding corporate rules between controllers, processors, and supervisory authorities;
Issue guidelines, recommendations and best practices on procedures for erasing links, copies or reproductions of personal data from publicly available communication services as referred to in Article 17(2);
Examine, on its own initiative or at the request of any of its members or at the request of the Commission, matters relating to the application of this Regulation, and issue guidelines, recommendations and best practices to promote the consistent application of this Regulation;
Issue guidelines, recommendations and best practices in accordance with point (e) of this paragraph to further specify the criteria and conditions for decisions based on profiling under Article 22(2);
issuing guidelines, recommendations and best practices in accordance with point (e) of this paragraph for determining the personal data breaches referred to in paragraphs 1 and 2 as well as the unreasonable delay referred to in Article 33(1) and (2), and for the particular circumstances in which a controller or processor is required to notify the personal data breach;
issuing guidelines, recommendations and best practices in accordance with point (e) of this paragraph regarding the circumstances in which a personal data breach is likely to pose a high risk to the rights and freedoms of natural persons, as referred to in Article 34(1);
issuing guidelines, recommendations and best practices in accordance with point (e) of this paragraph to further specify the criteria and requirements for transfers of personal data on the basis of binding corporate rules for controllers and binding corporate rules for processors, as well as on the basis of further necessary requirements to ensure the protection of personal data of the data subjects concerned, as referred to in Article 47;
Issue guidelines, recommendations and best practices in accordance with point (e) of this paragraph to further specify the criteria and requirements for transfers of personal data under Article 49(1);
establish guidelines for supervisory authorities on the application of the measures referred to in Article 58(1), (2) and (3) and on the setting of administrative fines in accordance with Article 83;
evaluate the practical application of the guidelines, recommendations and best practices referred to in paragraphs (e) and (f);
Issue guidelines, recommendations and best practices in accordance with point (e) of this paragraph, establishing common procedures by which natural persons may report violations of this Regulation, as referred to in Article 54, paragraph 2;
promote the establishment of codes of conduct and the introduction of data protection certification mechanisms and data protection seals and marks in accordance with Articles 40 and 42;
Conduct the accreditation of certification bodies and their periodic evaluation pursuant to Article 43, and maintain a public register of accredited bodies pursuant to Article 43.6, and of accredited processors or processors located in third countries pursuant to Article 42.7;
specify the requirements referred to in Article 43.3 for the purpose of accrediting certification bodies in accordance with Article 42;
issuing an opinion for the benefit of the Commission on the certification requirements referred to in Article 43.8;
issuing an opinion for the benefit of the Commission on the icons referred to in Article 12(7);
issuing an opinion to the Committee to enable it to assess the adequacy of the level of protection in a third country or an international organization, and to assess whether a third country, territory or one or more specified sectors in that third country, or an international organization no longer ensures an adequate level of protection. For this purpose, the Commission shall provide the Committee with all necessary documentation, including correspondence with the government of the third country, with respect to third country, territory or specified sector or with the international organization.
issuing opinions on draft decisions of supervisory authorities under the coherence mechanism referred to in Article 64(1) on matters raised in accordance with Article 64(2) and issuing binding decisions in accordance with Article 65, including the cases referred to in Article 66;
Promote cooperation and effective bilateral and multilateral exchange of information and best practices among supervisory authorities;
Promote common training programs and facilitate staff exchanges between supervisory authorities, and where appropriate, with supervisory authorities of third countries or with international organizations;
Promote the exchange of knowledge and documentation on data protection law and practice with data protection supervisory authorities around the world;
issuing opinions on codes of conduct established at Union level in accordance with Article 40(9); and
Maintain a public electronic register of decisions of supervisory authorities and courts on matters dealt with under the coherence mechanism.
Where the Commission requests the Committee's opinion, it may specify a deadline, taking into account the urgency of the matter.
The Committee shall transmit and publish its opinions, guidelines, recommendations and best practices to the Commission and to the Committee referred to in Article 93.
The Committee shall, where appropriate, consult interested parties and provide them with an opportunity to comment within a reasonable time frame. Without prejudice to Article 76, the Committee shall make the results of the consultation public.
