Accountability

Image

Accountability Topic Page

Accountability is one of the fair information practice principles. It says that a data controller should be accountable for complying with measures which give effect to the other principles. Accountability does not redefine privacy or replace laws, but shifts the focus of privacy governance to an organization’s ability to demonstrate its capacity to achieve specified privacy objectives.

This topic page offers resources to help you determine what accountability means for your organization.

Featured Resources

WEB CONFERENCE

Building a Privacy Risk Framework for Accountability Through PIAs

In this web conference you will learn how to build a PIA framework that can establish the accountability needed to help manage privacy risk
Read More

ARTICLE

Why demonstrable accountability matters

This article covers how organizations that create products and services and make decisions based upon a demonstrable accountability foundation to build trust can earn the ability to use advanced analytical data processing and AI to their full potential.
Read More

ARTICLE

US House subcommittee talks Big Tech accountability

A wide-ranging U.S. House committee hearing explored ways to protect online users. Lawmakers sought to understand how specific legislation would increase transparency and accountability of Big Tech platforms
Read More

ARTICLE

AI accountability: An analysis of NTIA stakeholder comments

This article provides analysis on NTIA stakeholder comments on AI accountability measures and polices to assist in the crafting of a report on AI accountability policy.
Read More

ARTICLE

Transparency by design in AI-powered decision making

This article provides an overview on how the introduction of algorithmic accountability into the U.S. data protection landscape is a timely and farsighted development.
Read More

ARTICLE

CIPL report explores ‘the age of accountability’

This article covers the CIPL’s report examining how 17 companies created, implemented and enforced accountability in their business, culture and privacy programs, as well as how to build consensus on accountability between industry and regulators
Read More


Additional News and Resources

White House announces principles to increase platform accountability

The White House released a readout of a listening session about technology platform accountability. During the meeting, technology experts and practitioners identified six key areas of concern platforms need to address: “competition; privacy; youth mental health; misinformation and disinformation; illegal and abusive conduct; … and algorithmic discrimination and lack of transparency.” The meeting led to the Biden administration releasing six “principles for enhancing competition and tech platfor... Read More

BBB National Programs first APEC-approved US nonprofit Accountability Agent

The Asia-Pacific Economic Cooperation approved the first U.S.-based nonprofit Accountability Agent in the APEC privacy certification systems. Following its approval by a joint oversight board and the 21 APEC economies, BBB National Programs announced it becomes one of seven worldwide recognized Accountability Agents in the APEC Cross Border Privacy Rules and Privacy Recognition for Processors systems. The nonprofit will work one-on-one with companies of all sizes doing business in the 21 econom... Read More

Dynamic data security should be the policy default: Dynamic data obscurity revisited

The Information Accountability Foundation used the phrase “dynamic data obscurity” in 2015 after I organized a Washington dialogue and a Brussels session on the topic. With the Court of Justice of the European Union's "Schrems II" decision and draft legislation in Canada, it is time to bring the term back. Below is an update of my 2015 blog. In 2030, I will be 80 years old and very dependent on data-driven technologies. In 10 years, I will not own a car and will instead share a vehicle with oth... Read More

CIPL report explores 'the age of accountability'

Accountability is having its moment in today’s digital, data-driven world, accentuated by the COVID-19 pandemic, according to Hunton Andrews Kurth Centre for Information Policy Leadership President Bojana Bellamy, CIPP/E. And while this is “the age of accountability," she said, it’s something the CIPL has been promoting for many years. Among its work, in 2018, the Centre published an accountability framework that identifies the essential elements of accountability-based data privacy and governa... Read More

Irish DPC discusses accountability through codes of conduct, certification

In a blog post on its website, the Irish Data Protection Commission discussed how to operationalize accountability by using codes of conduct and certifications under the EU General Data Protection Regulation. The DPC wrote using both accountability tools "will allow all stakeholders to play their part in the application, monitoring, supervision and enforcement of data protection standards." The post went on to address considerations for codes and certifications across industries, the regulatory ... Read More

Managing data expectations and accountability for DPOs

“Raising awareness about data protection through accountability based practices” should be a top priority for data protection officers, AsiaDPO writes for DPO Connect. Further, “it is not surprising that individual expectations of information privacy and control over data are changing because data is abundant and privacy is scarce.” It will no longer be enough to use a checklist to ensure compliance, they write, but rather, DPOs will need to ask critical questions, including, “What is your commi... Read More

Looking beyond the fines: Accountability in light of FTC consent orders

Over the last few months, a hot topic of privacy enforcement action has undoubtedly been the $5 billion U.S. Federal Trade Commission settlement with Facebook over the company’s alleged violation of a prior 2012 FTC consent order. While the high price tag of noncompliance has been the source of much discussion in privacy circles, the FTC settlement also makes a very strong statement in terms of the possible standard against which all companies’ privacy management programs may be measured going f... Read More

A look at the proposed Algorithmic Accountability Act of 2019

On April 10, Sens. Cory Booker, D-N.J., and Ron Wyden, D-Ore., sponsored the Algorithmic Accountability Act of 2019 in the U.S. Senate, with a House of Representatives equivalent sponsored by Rep. Yvette Clarke, D-N.Y. "The bill, which is also referred to as S.1108, is influenced by the [EU General Data Protection Regulation and the California Consumer Privacy Act], and directs the Federal Trade Commission to require entities that use, store or share personal information to conduct automated dec... Read More

The role of DPAs in incentivizing accountability

If ever there was a potential cure-all for the current trust deficit in the digital society and the many data protection woes facing us, organizational accountability surely is it. It is no surprise, therefore, that in recent years, accountability has garnered broad international support in data protection circles. It is also now a prominent feature of many modern day privacy regimes, including the EU General Data Protection Regulation. But to reach its full panacean potential, accountability m... Read More

Encouraging a self-resolution approach under the accountability principle

The strong emphasis on the accountability principle in some regulations allows organizations to resolve complaints or disputes relating to the data protection (or data privacy) provisions through alternate dispute resolution mechanisms, such as conciliation, negotiation or mediation, or even arbitration. For instance, the Personal Data Protection Act 2012 of Singapore establishes the possibility that any complaint by an individual against an organization might be more appropriately resolved thr... Read More

For Privacy Officers: Getting to Accountability with Limited Resources

Many privacy and data protection regulators around the world, including regulators in Canada, France, Australia, Hong Kong and Colombia, have written guideline papers about accountability that promote the building of a privacy-management program. These guideline papers provide the building blocks for a privacy program but do not address how to resource the building and maintain a privacy-management program. Privacy offices grapple with the challenge of finding enough resources to allocate for p... Read More