Accountability

Accountability

Accountability is one of the fair information practice principles. It says that a data controller should be accountable for complying with measures which give effect to the other principles. Accountability does not redefine privacy or replace laws, but shifts the focus of privacy governance to an organization’s ability to demonstrate its capacity to achieve specified privacy objectives.

This topic page offers resources to help you determine what accountability means for your organization.

Featured Resources

Privacy Risk Framework for Accountability

In this web conference you will learn how to build a PIA framework that can establish the accountability needed to help manage privacy risk, leading practices for creating PIA/DPIAs in various environments and how to create streamlined workflows to collaborate with data owners to fill PIA/DPIAs.
Read More

Why demonstrable accountability matters

Peter Cullen writes organizations “that create products and services and make decisions based upon a demonstrable accountability foundation to build trust can earn the ability to use advanced analytical data processing and AI to their full potential.”
Read More

US House subcommittee talks Big Tech accountability

A wide-ranging U.S. House committee hearing explored ways to protect online users. Lawmakers sought to understand how specific legislation would increase transparency and accountability of Big Tech platforms, whether a comprehensive privacy law would be part of that accountability
Read More


Latest News & Resources

BBB National Programs first APEC-approved US nonprofit Accountability Agent

The Asia-Pacific Economic Cooperation approved the first U.S.-based nonprofit Accountability Agent in the APEC privacy certification systems. Following its approval by a joint oversight board and the 21 APEC economies, BBB National Programs announced it becomes one of seven worldwide recognized Accountability Agents in the APEC Cross Border Privacy Rules and Privacy Recognition for Processors systems. The nonprofit will work one-on-one with companies of all sizes doing business in the 21 econom... Read More

Dynamic data security should be the policy default: Dynamic data obscurity revisited

The Information Accountability Foundation used the phrase “dynamic data obscurity” in 2015 after I organized a Washington dialogue and a Brussels session on the topic. With the Court of Justice of the European Union's "Schrems II" decision and draft legislation in Canada, it is time to bring the term back. Below is an update of my 2015 blog. In 2030, I will be 80 years old and very dependent on data-driven technologies. In 10 years, I will not own a car and will instead share a vehicle with oth... Read More

Anti-discriminatory algorithmic accountability: Transparency by design in AI-powered decision making

Introduction of the algorithmic accountability into the U.S. data protection landscape is a timely and farsighted development. If passed into law as part of the Data Accountability and Transparency Act, it will operate as a defensive shield for protected classes and will bring more transparency, accountability and fairness into the artificial intelligence–powered decision-making process in the U.S. Simply defined, algorithmic accountability or algorithmic transparency is a policy measure aimed ... Read More

CIPL report explores 'the age of accountability'

Accountability is having its moment in today’s digital, data-driven world, accentuated by the COVID-19 pandemic, according to Hunton Andrews Kurth Centre for Information Policy Leadership President Bojana Bellamy, CIPP/E. And while this is “the age of accountability," she said, it’s something the CIPL has been promoting for many years. Among its work, in 2018, the Centre published an accountability framework that identifies the essential elements of accountability-based data privacy and governa... Read More

Better Business Bureau – Accountability Program Decisions and guidance
(Better Business Bureau, July 2021)
Privacy Commissioner of Bermuda Accountability Report
(Information Accountability Foundation, March 2020)
COVID-19 Meets Privacy: An article on Accountability
(Centre for Information Policy Leadership, October 2021)
Irish DPC discusses accountability through codes of conduct, certification
(IAPP, February 2020)
Managing data expectations and accountability for DPOs
(IAPP, January 2020)
Looking beyond the fines: Accountability in light of FTC consent orders
(IAPP, November 2019)
Personal Data and the Organization: Stewardship and Strategy
(Future of Privacy Forum, July 2019)
A look at the proposed Algorithmic Accountability Act of 2019
(IAPP, April 2019)
The role of DPAs in incentivizing accountability
(IAPP, July 2018)
Encouraging a self-resolution approach under the accountability principle
(IAPP, May 2018)
For Privacy Officers: Getting to Accountability with Limited Resources
(IAPP, June 2015)
Getting to Accountability, Nymity’s Way
(IAPP, September 2015)
Accountability in Data Governance: From Concept to Reality
(IAPP, August 2014)
Web Conference: The Hallmarks of Accountability
(IAPP, August 2014)
Self-Assessment of a Comprehensive Privacy Programme: A Tool for Practitioners
(Accountability Project, January 2014)
Components of an Accountable Company Privacy Program and How To Implement It
(IAPP, September 2013)
Accountability: A Compendium for Stakeholders
(The Hunton & Williams Centre for Information Policy Leadership, September 2012)
Accountability as the Basis for Regulating Privacy: Can Information Security Regulations Inform Privacy Policy?
(Mary Culnan of Bentley University, January 2013)
Getting Accountability Right with a Privacy Management Program
(OPC, September 2012)
Web Conference: Accountability in Complex Organizations
(IAPP, September 2012)
Web Conference: The Metrics of Accountability
(IAPP, August 2012)
Privacy Blunders Foster a New Era of Accountability
(IAPP, June 2009)
View More Resources