TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

Europe Data Protection Digest | Notes from the IAPP Europe Managing Director, 9 June 2017 Related reading: A conversation on protecting children's privacy




Greetings from Brussels!

This week, the Italian Data Protection Authority, the Garante, presented its 2016 Annual Activity Report. With a focus on current data privacy issues, an emphasis was given to its current efforts with the upcoming entry into force of the GDPR in May 2018. Rocco Panetta, IAPP board member and one of our longest-serving Italian members, was in Rome for the presentation and penned an article for the IAPP Privacy Advisor. Make sure you read it.

I noted with interest Panetta's recall that, at the Garante's founding in 1996, its raison d'être was, “Should technology be ethically, politically, socially and legally acceptable above all, or is its use aimed at making things technically possible?” Fast forward to 2017, and the question is still critical today, not only for the Garante but also for all the European watchdogs. Indeed, the questions surrounding data ethics and its coexistence with privacy rights (particularly here in Europe) are core to the contemporary privacy debate. The EDPS with foresight launched its Ethics Advisory Committee back in December 2015; other watchdogs have also implemented working groups to tackle the ethical dimension of data protection. The objective: to explore the relationships between rights, technology, markets and business models from an ethical standpoint in the digital environment.

It's also worth noting the Garante's call for more resources. The requirement for additional resources is certainly a trend among the European data protection authorities as they seek to satisfy the requirements of the GDPR in full. Many other EU watchdogs have over the last year started to increase recruitment, as well as training, to be GDPR ready for next year. It was reported just this week that the Dutch privacy watchdog, Autoriteit Persoonsgegevens, will also require more budget allocations to meet GDPR needs. The news report stated that, for the Dutch DPA to be fully effective under the GDPR environment, they will need to increase staff levels from 185 to 270 full time. These figures are based on a report conducted by an independent consultancy, which has been sent to the Dutch parliament. Clearly, the Garante is not alone in its assessments.

An overall strengthening of supervisory powers seems to be a recurrent trend as watchdogs seek to grow staff levels and engage, to a greater extent, with parallel authorities in their member state jurisdictions. The Garante also welcomed closer ties and cooperation with all national supervisory authorities operating in the field of competition policy and telecommunications with the aim of investigating the extensive use of big data and analytics by the OTT providers. This should also allow for consistent and effective coordination among national players.

The Garante further highlighted the need for greater international cooperation both at EU level — speaking to its future role with the European Data Protection Board — as well as beyond EU borders, another common sentiment expressed by other watchdogs. International data flows will continue to play a significant role as privacy culture goes increasingly global and mainstream. Plenty for all to do going forth. We'll have to see if DPAs get the resources and staffing to manage it all.


If you want to comment on this post, you need to login.