Should the DPO be certified

Research output: Contribution to journalArticleScientificpeer-review

Abstract

The General Data Protection Regulation proposal (GDPR) set stringent requirements about the skills of the Data Protection Officer (DPO) but does not provide any cue to ensure that DPOs really possess these competences.This paper explores the interest in introducing a certification process to certify the skills of the DPO. It shows that certification could be a way to ensure the consistency of the competences of the DPO throughout Europe.Public and private certification schemes, which are both encouraged in the last version of Article 39 of the GDPR, would be relevant and workable. The private schemes that already certify the competences of the data protection professionals in Europe offer a ready-to-go solution that must be evaluated.However, certification as a self-regulation tool presents drawbacks, especially in terms of reliability that limits its value as a regulatory tool.
Original languageEnglish
Pages (from-to)189-202
Number of pages14
JournalInternational Data Privacy Law
Volume4
Issue number 3
DOIs
Publication statusPublished - 1 Aug 2014

    Fingerprint

Keywords

  • Certification
  • certification mechanisms
  • GDPR

Cite this