Why the certification process defined in the General Data Protection Regulation cannot be successful

Eric Lachaud

Research output: Contribution to journalArticleScientificpeer-review

9 Citations (Scopus)

Abstract

Abstract
This paper analyses the final version of Articles 42 and 43 dedicated to the certification procedures in the General Data Protection Regulation (hereinafter GDPR). It questions the introduction of this procedure in the data protection regulation framework and argues that the purposes assigned to the certification in the GDPR meet the needs of the different contributors to the preliminary discussions to the reform. It also argues that the processes defined in Articles 42 and 43 to issue the certification diverge from the commonly accepted practices in this activity and the processes suggested in the new regulation impede its chance to be successfully implemented.
Original languageEnglish
Pages (from-to)814-826
Number of pages13
JournalComputer Law and Security Review
Volume32
Issue number6
DOIs
Publication statusPublished - 1 Dec 2016

Keywords

  • Certification
  • certification mechanisms
  • GDPR

Fingerprint

Dive into the research topics of 'Why the certification process defined in the General Data Protection Regulation cannot be successful'. Together they form a unique fingerprint.

Cite this