Greetings from Marrakech!
Privacy commissioners and data protection authorities from around the world convened in Marrakech this week for their 38th International Privacy Conference, hosted by the Moroccan DPA – the CNDP.
During the first two days of closed sessions, the collected DPAs received a progress report from the U.N. Special Rapporteur on the Right to Privacy, and additional reports from the ICDPPC working groups on digital education, privacy and humanitarian action, data protection in telecommunications, and on an enforcement cooperation meeting, among many topics.
On the subject of digital education, I was fortunate to have a meeting with Isabelle Falque-Pierrotin, CNIL President and Chairwoman of the WP29, and also chair of the working group on digital education for the ICDPPC.
First of all, it is important to note, she told me that the privacy commissioners share similar views that data protection is facing an intense and challenging time globally. With increasing cross border data flows, the private sector has seen the subject matter of data as an increasingly competitive advantage for their businesses. As Isabelle mentions, public authorities and regulators find themselves at the heart of the matter particularly concerning surveillance. The most significant development she says is undoubtedly the place occupied by the individual in this ecosystem. As a matter of public debate, highlighted extensively by the media, we see an increasing and continued expression of concern, and also the desire for individual control over one’s personal data.
The work of the digital working group reached a major objective in closed session this week, agreeing upon a resolution for a global common framework of digital competencies for minors. The aim is to ensure our youth become responsible and informed "digital citizens," so as to best manage normative expectations in the digital age. As Isabelle explained, this goes well beyond educating on the risks. This is more to do with individual cultural evolution as a bedrock for the self-realization of the individual’s place in the digital space. The resolution is a key political development, as all 50 members of the group agreed on a common tool that can be presented to international education ministries and subsequently integrated in school curriculums.
Digital education, as articulated by Isabelle, has a future as a facilitator for a more cohesive approach to harmonization of data protection principles. It is of primary importance, and will involve many stakeholders, from regulators and their governments to educators, civil society and private enterprise. “We will all have our part to play in co-responsibility,” she said. As interdependent entities, we will need to share in safeguarding our data ecosystems so that they, and the individual citizen, can flourish.
From a legal standpoint, the GDPR as Isabelle reminded me, has placed the individual as the center of the law, reinforcing individual rights such as consent and conferring the new right of portability. This is increasingly important as a means to protect individual autonomy and choice. In addition, the assertion is that this should help foster innovation in a general sense, and limit individual data concentrations in the hands of the few. What seems key to the digital working group is a need to regain a higher level of confidence on the part of the individual with both the public authorities and the private sector, particularly in what concerns access to personal data by public authorities. This confidence, she feels, has been significantly eroded in recent time. This has also been a fundamental driver for discussion within the WP29. One will remember that the WP29 was instrumental in raising concerns regarding mass and indiscriminate surveillance issues in response to the proposed adoption of the Privacy Shield. Moreover, speaking generally to the work being undertaken by the WP29 in relation to the GDPR, Isabelle spoke of WP29 efforts to translate the "text provisions" into a tangible operational tool box.
She concluded that "we are truly dedicated to this and we will be able to produce the first guidelines before the end of the year."
Isabelle Falque-Pierrotin is clearly passionate on the issues, and I was grateful to share her time to gain insights into her reflections. Isabelle will also be participating in our regulator panel at the IAPP Europe Data Protection Congress in three weeks with EDPS Giovanni Buttarelli and Edith Ramirez, chairwoman of the Federal Trade Commission. If my talk with her today is anything to go by, you won’t want to miss it.
If you want to comment on this post, you need to login.