The General Data Protection Regulation and the rise of certification as a regulatory instrument

Eric Lachaud

Research output: Contribution to journalArticleScientificpeer-review

13 Citations (Scopus)

Abstract

The endorsement of certification in Article 42 and 43 of the General Data Protection Regulation (hereinafter GDPR) extends the scope of this procedure to the enforcement of fundamental rights. The GDPR also leverages the high flexibility of this procedure to make of certification something else than a voluntary process attesting the conformity with technical standards. This paper argues that the GDPR turned certification into a new regulatory instrument in data protection, I suggest to call it monitored self-regulation, seeking to fill the gap between self-regulation and traditional regulation in order to build a regulation continuum.
Original languageEnglish
Pages (from-to)244-256
Number of pages13
JournalComputer Law and Security Review
Volume34
Issue number2
DOIs
Publication statusPublished - 2 Apr 2018

Fingerprint

Dive into the research topics of 'The General Data Protection Regulation and the rise of certification as a regulatory instrument'. Together they form a unique fingerprint.

Cite this