European Data Protection Board - Draft Guidelines on certification and identifying certification criteria in accordance with Articles 42 and 43 of GDPR

The primary aim of the guidelines is to identify overarching criteria that may be relevant to all types of certification mechanisms issued in accordance with Articles 42 and 43 of the GDPR.
To this end, the guidelines:
- explore the rationale for certification as an accountability tool;
- explain the key concepts of the certification provisions in Articles 42 and 43; and
- explain the scope of what can be certified under Articles 42 and 43 and the purpose of certification.
Comments should be sent by 12 July 2018.