On June 4, the CIPL hosted its first-ever “CIPL In Focus”—an immersive, full-day event for senior-level professionals to examine in-depth the operational challenges related to a given issue and to share practical approaches for overcoming those challenges. The fast-moving, thought-provoking discussion focused on the future of privacy, data governance, and responsible innovation. The conversation looked […]

In this white paper, CIPL proposes a roadmap for building a holistic data strategy that seeks to align the Board and C-suite on data-driven initiatives and provide a framework for promoting innovative and responsible uses of data, including the development and deployment of powerful AI technologies.

This study by the Centre for Information Policy Leadership (CIPL) and the Privacy Center of Excellence at Cisco explores the business benefits and return on investment (ROI) of DPMPs. In particular, the study demonstrates that organizations are experiencing a wide range of benefits from investing in DPMPs. These include risk management and compliance benefits, as […]

Promoting organizational accountability among all organizations that process personal data has been one of the Centre for Information Policy Leadership’s (CIPL) main areas of focus. An important component of our work on that front has been to identify ways in which data protection laws, public policy, and approaches to enforcement can encourage and incentivize organizational accountability. This paper […]

CIPL has a long history of exploring accountability-based information management and privacy governance. As part of our work on enabling innovation while also protecting privacy, we are currently exploring how to further develop and improve the existing concept of accountability to maximize both goals. This report consolidates the findings of CIPL’s Accountability Mapping Project launched […]

Organisational accountability is a powerful tool in the hands of the political and business leaders that are shaping 21st century Europe. It places the responsibility for ethical behavior and the protection of individuals on the organizations that are best placed to achieve it. This report argues that accountability is a scalable and transferrable concept that can be implemented by […]

Promoting organizational accountability among all organizations that process personal data has been one of the Centre for Information Policy Leadership’s (CIPL) main areas of focus. An important component of our work on that front has been to identify ways in which data protection laws, public policy, and approaches to enforcement can encourage and incentivize organizational accountability. This paper […]

This short paper introduces two CIPL papers on the topic of organisational accountability – The Case for Accountability: How it Enables Effective Data Protection and Trust in the Digital Society and The Case for Accountability: How it Enables Effective Data Protection and Trust in the Digital Society. It outlines the goals of these other papers, […]

It is essential that there is consensus and clarity on the precise meaning and application of organisational accountability among all stakeholders, including organisations implementing accountability and data protection authorities (DPAs) overseeing accountability. Without such consensus, organisations will not know what DPAs expect of them and DPAs will not know how to assess organisations’ accountability-based privacy […]

The objectives of this second paper in our Accountability series are, first, to make the case for specifically incentivising organisational accountability and, second, to provide specific suggestions for what such incentives might be. Importantly, the objective in promoting an approach of incentivising accountability is not to weaken or hinder the powers of data protection authorities […]

On 30 June 2016, CIPL and Telefónica held a joint Roundtable in London, with senior business leaders, data privacy officers and lawyers, data privacy regulators and academic experts, entitled ‘Reframing Data Transparency’. The objective of the Roundtable was to build on recent projects, initiatives and legal changes related to data transparency, such as the EU-US […]

Risk management has long played an important role in data protection. Over the past three years, CIPL has hosted a series of multinational workshops and published two white papers on risk management and its role in effective modern data protection. In this paper we focus on the interaction of risk management with other data protection […]

In the modern information age of big data, the Internet of Things and cloud computing, new data-driven products and services are enabling scientific and societal developments at a rapid pace and are the key drivers of economic growth. Our digital information society depends and thrives on the ability to generate, collect, aggregate, link and use […]

Data protection has long relied on risk management as a critical tool for complying with data protection laws and ensuring that data are processed appropriately and the fundamental rights and interests of individuals are protected effectively. Yet these risk management processes, whether undertaken by businesses or regulators, have often been informal, unstructured and failed to […]

On March 20, 2014, the Centre held a workshop in Paris during which more than 50 privacy experts, industry representatives and regulators discussed their experiences and views with respect to the risk-based approach to privacy, the privacy risk framework and methodology, as well as goals and next steps in this project. This paper, titled “A […]

Accountability builds on traditional notions of fair information practices, but incorporates new elements that require organizations to implement comprehensive privacy programs and base their decisions about data on credible assessment of the risks they raise for individuals and how best to mitigate them. This year, the CIPL has responded to suggestions in public policy discussions […]

In the current data environment, organizations must employ effective and explicit data governance programs to protect individuals against the risks that these uses of information may raise. While individuals must continue to play an appropriate role in making choices about sharing their data, they cannot be held responsible for detailed decisions about vastly complex technologies […]

When the participants in the Accountability Project released its discussion paper on accountability’s essential elements in October 2009, they did so recognizing that within the framework  described in that document, it would be necessary to address questions about the its real-world implementation. CIPL was excited to facilitate further work on accountability, assembling experts to consider […]

This document serves as a compendium of our work conducting throughout our Accountability Project as of 2010, along with other notable contributions on this vital topic, including: Data Protection Accountability: The Essential Elements (October, 2009) Demonstrating and Measuring Accountability – The Paris Project (October, 2010) Privacy by Design: Essential for Organizational Accountability and Strong Business […]

Innovations in technology; rapid increases in data collection, analysis and use; and the global flow and access to data have made an unprecedented array of products, resources and services available to consumers. These developments, however, in no way diminish an individual’s right to the secure, protected and appropriate collection and use of their information. The […]