The Conference of Independent German Federal and State Data Protection Supervisory Authorities (Datenschutzkonferenz -DSV) has released its report on the application of the EU's General Data Protection Regulation (GDPR). The DSK shares the view that the GDPR's regulatory concept and objectives have largely proved a success, but IAPP reports that the Conference of authorities suggested nine areas that need improvement or clarity, including practicability, data breach reports, purpose limitation, data protection by design, supervisory authorities' powers and sanctioning practice, and direct marketing