Greetings from Amsterdam!
I write from the city of Amsterdam, where I am attending the 37th International Privacy Conference, which is centered on the recent “Privacy Bridges” report in search of transatlantic (EU/U.S.) privacy solutions. A city rich in historical innovation, steeped in a tradition of civil liberty, Amsterdam itself has no fewer than 1,539 bridges. Perhaps there was a hope that the wealth of bridges coupled with the city’s history for creative and free thinking would rub off on the conference proceedings.
There was, as expected, much allusion to the current Safe Harbor crisis, and Dutch Commissioner Jacob Kohnstamm rightly quoted Winston Churchill: “Never let a good crisis go to waste.” No need to preach to the converted, a collective nod of consent was felt.
Representatives from business, government organizations, NGOs, academia and DPAs present were invited to comment and discuss the identified Privacy Bridges through a series of sessions. What seems clear, as expressed by a number of stakeholders present, is the need for a substantial review and change within the guiding legislation to effect a coherent privacy framework—both sides of the pond. Interestingly enough, there visibly lacked a clear and present voice from the legislator side throughout the conference. Clearly, if one was expecting parallel presentations and discussions centered on corrective legislative proposals, they were attending the wrong conference. Kohnstamm’s response was measured as well as accurate: “Of course a higher level of data protection legislation is and remains needed. We will keep fighting for that. But while these concerns are legitimate, I think that the fight for better data protection legislation and the building of pragmatic bridges can take place at the same time.”
From the privacy professional perspective, privacy bridge eight—Accountability—is certainly of more interest, potentially holding much promise for the continued growth of the profession. Accountability essentially speaks to the requirement for organizational commitment to and implementation of strong, legitimate and fair information and privacy management practices. For this to be an effective bridge, organizational responsibility needs to encompass a set of common elements to establish corporate accountability programs. Elements such as privacy professionals assuring proper internal implementations, as well as training and awareness measures to ensure that employees have the fundamental comprehension and understanding of policy and procedure.
To answer this call, one of the report’s recommendations is that private-sector actors should continue to provide for the development of privacy professionals. CPOs and other privacy pros must be trained, certified and recruited by organizations and provided with adequate resources and the appropriate authority to fulfill their functions.
In short, and when considering the bigger picture of those 10 privacy bridges, one could reasonably argue that the privacy professional is at the heart of the solution and the tangible guarantee that eventual safeguards to global privacy are maintained. Not a bridge too far I think.
If you want to comment on this post, you need to login.