On 13 December 2016, the Article 29 Data Protection Working Party discussed certain critical matters with regards to the implementation of the General Data Protection Regulation and adopted three Guide Lines: - Guideline on the right to Data Portability; - Guideline on Data Protection Officers (DPO); - Guideline on the Lead Supervisory Authority. The Guideline on the right to data portability aims at discussing the right to data portability and its scope. It clarifies the conditions under which this new right applies taking into account the legal basis of the data processing (either the data subject’s consent or the necessity to perform a contract) and the fact that this right is limited to personal data provided by the data subject. it also helps data controllers to clearly understand their respective obligations and recommends best practices and tools that support compliance with the right to data portability. The Guideline on Data Protection Officers (DPO) is focused on the concept of DPO , which will be at the heart of this new legal framework for many organisations, facilitating compliance with the provisions of the GDPR. Under the GDPR, it is mandatory for certain controllers and processors to designate a DPO.2 This will be the case for all public authorities and bodies (irrespective of what data they process), and for other organisations that - as a core activity. Instead, the Guideline on the Lead Supervisory Authority is focused on the identification of a lead supervisory authority, when controller or processor is carrying out the cross-border processing of personal data, which is defined under no. art, 43 if the EU Regulation as - processing of personal data which takes place in the context of the activities of establishments in more than one Member State of a controller or processor in the Union where the controller or processor is established in more than one Member State; or - processing of personal data which takes place in the context of the activities of a single establishment of a controller or processor in the Union but which substantially affects or is likely to substantially affect data subjects in more than one Member State.