The future of privacy certification in Europe

An exploration of options under article 42 of the GDPR

R. Rodrigues, D. Barnard-Wills, Paul de Hert, V. Papakonstantinou

Research output: Contribution to journalArticleScientificpeer-review

Abstract

The EU faces substantive legislative reform in data protection, specifically in the form of the General Data Protection Regulation (GDPR). One of the new elements in the GDPR is its call to establish data protection certification mechanisms, data protection seals and marks to help enhance transparency and compliance with the Regulation and allow data subjects to quickly assess the level of data protection of relevant products and services. To this effect, it is necessary to review privacy and data protection seals afresh and determine how data protection certification mechanisms, seals or marks might work given the role they will be called to play, particularly in Europe, in facilitating data protection. This article reviews the current state of play of privacy seals, the EU policy and regulatory thrusts for privacy and data protection certification, and the GDPR provisions on certification of the processing of personal data. The GDPR leaves substantial room for various options on data protection certification, which might play out in various ways, some of which are explored in this article.
Original languageEnglish
Pages (from-to)248-270
Number of pages23
JournalInternational Review of Law, Computers & Technology
Volume30
Issue number3
DOIs
Publication statusPublished - 2016

Fingerprint

data protection
Data privacy
certification
privacy
regulation
Seals
personal data
EU policy
transparency
Transparency

Keywords

  • data protection seals
  • certification mechanisms
  • privacy seals

Cite this

@article{2c33ffdd5e6148a18053c8be80c50d9a,
title = "The future of privacy certification in Europe: An exploration of options under article 42 of the GDPR",
abstract = "The EU faces substantive legislative reform in data protection, specifically in the form of the General Data Protection Regulation (GDPR). One of the new elements in the GDPR is its call to establish data protection certification mechanisms, data protection seals and marks to help enhance transparency and compliance with the Regulation and allow data subjects to quickly assess the level of data protection of relevant products and services. To this effect, it is necessary to review privacy and data protection seals afresh and determine how data protection certification mechanisms, seals or marks might work given the role they will be called to play, particularly in Europe, in facilitating data protection. This article reviews the current state of play of privacy seals, the EU policy and regulatory thrusts for privacy and data protection certification, and the GDPR provisions on certification of the processing of personal data. The GDPR leaves substantial room for various options on data protection certification, which might play out in various ways, some of which are explored in this article.",
keywords = "data protection seals, certification mechanisms, privacy seals",
author = "R. Rodrigues and D. Barnard-Wills and {de Hert}, Paul and V. Papakonstantinou",
year = "2016",
doi = "10.1080/13600869.2016.1189737",
language = "English",
volume = "30",
pages = "248--270",
journal = "International Review of Law, Computers & Technology",
issn = "1360-0869",
publisher = "Routledge",
number = "3",

}

The future of privacy certification in Europe : An exploration of options under article 42 of the GDPR. / Rodrigues, R.; Barnard-Wills, D.; de Hert, Paul; Papakonstantinou, V.

In: International Review of Law, Computers & Technology, Vol. 30, No. 3, 2016, p. 248-270.

Research output: Contribution to journalArticleScientificpeer-review

TY - JOUR

T1 - The future of privacy certification in Europe

T2 - An exploration of options under article 42 of the GDPR

AU - Rodrigues, R.

AU - Barnard-Wills, D.

AU - de Hert, Paul

AU - Papakonstantinou, V.

PY - 2016

Y1 - 2016

N2 - The EU faces substantive legislative reform in data protection, specifically in the form of the General Data Protection Regulation (GDPR). One of the new elements in the GDPR is its call to establish data protection certification mechanisms, data protection seals and marks to help enhance transparency and compliance with the Regulation and allow data subjects to quickly assess the level of data protection of relevant products and services. To this effect, it is necessary to review privacy and data protection seals afresh and determine how data protection certification mechanisms, seals or marks might work given the role they will be called to play, particularly in Europe, in facilitating data protection. This article reviews the current state of play of privacy seals, the EU policy and regulatory thrusts for privacy and data protection certification, and the GDPR provisions on certification of the processing of personal data. The GDPR leaves substantial room for various options on data protection certification, which might play out in various ways, some of which are explored in this article.

AB - The EU faces substantive legislative reform in data protection, specifically in the form of the General Data Protection Regulation (GDPR). One of the new elements in the GDPR is its call to establish data protection certification mechanisms, data protection seals and marks to help enhance transparency and compliance with the Regulation and allow data subjects to quickly assess the level of data protection of relevant products and services. To this effect, it is necessary to review privacy and data protection seals afresh and determine how data protection certification mechanisms, seals or marks might work given the role they will be called to play, particularly in Europe, in facilitating data protection. This article reviews the current state of play of privacy seals, the EU policy and regulatory thrusts for privacy and data protection certification, and the GDPR provisions on certification of the processing of personal data. The GDPR leaves substantial room for various options on data protection certification, which might play out in various ways, some of which are explored in this article.

KW - data protection seals

KW - certification mechanisms

KW - privacy seals

U2 - 10.1080/13600869.2016.1189737

DO - 10.1080/13600869.2016.1189737

M3 - Article

VL - 30

SP - 248

EP - 270

JO - International Review of Law, Computers & Technology

JF - International Review of Law, Computers & Technology

SN - 1360-0869

IS - 3

ER -