Organizational Accountability in Data Protection Enforcement - How Regulators Consider Accountability in their Enforcement DecisionsOctober 6, 2021
Promoting organizational accountability among all organizations that process personal data has been one of the Centre for Information Policy Leadership’s (CIPL) main areas of focus. An important component of our work on that front has been to identify ways in which data protection laws, public policy, and approaches to enforcement can encourage and incentivize organizational accountability. This paper elaborates specifically on the enforcement component of our previous policy work on accountability.
|
Looking Beyond COVID-19: Future Impacts on Data Protection and the Role of the Data Protection AuthoritiesJune 2, 2020
The COVID-19 crisis is imposing a wide range of immediate and likely long-term impacts on organizations, governments, regulators, people and society at large. Many of them are likely to stay with us beyond the immediate crisis and change the way we all live, work and interact going forward. These impacts likely will also be felt in data privacy – from how we perceive this right in light of other rights to how we behave and what we expect. They will also change the way organizations and governments collect, use and share data (not just in the COVID-19 context, but generally).
In this paper, we examine some of these trends from the point of view of organizations, DPAs and society. We also try to anticipate how these trends may force all of these actors to adapt and change in the post-COVID-19 world, including and particularly DPAs. We also suggest that organizational accountability – championed, encouraged and enforced by DPAs – will be essential to mitigating any challenges that such changes might pose for data protection. |
Regulatory Sandboxes in Data Protection - Constructive Engagement and Innovative Regulation in PracticeMarch 8, 2019
What is a “Regulatory Sandbox”? How could it contribute to high standards of data protection and privacy and promote innovation? What are the challenges and problems? What safeguards are needed? Why would regulators and organizations want to participate in a Sandbox?
In this white paper, we set out the key features of the concept. Essentially, it is a supervised “safe space” set up by a Data Protection Authority (DPA) for piloting and testing innovatory products, services, business models or delivery mechanisms of participating organizations in the real market, using the personal data of real individuals. We identify the main benefits of the approach—for organizations, for DPAs, for policymakers, for economic and social progress and for individuals. |
Regulating for Results: Strategies and Priorities for Leadership and EngagementSeptember 25, 2017 (Updated on October 10, 2017)
The ecosystem for regulating data protection and privacy is changing rapidly, and not just within the EU. For many years CIPL has championed the role of accountable organizations and the merits of a risk-based approach. We now turn to the “plumbing” of the system as a whole and consider how its component parts can best fit together.
The aim of this paper in particular is to stimulate discussion about how Data Protection Authorities (DPAs) can maximize their effectiveness in the modern information age. |
Copyright © 2024 by the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP.
|