Why the certification process defined in the General Data Protection Regulation cannot be successful

Research output: Contribution to journalArticleScientificpeer-review

Abstract

Abstract
This paper analyses the final version of Articles 42 and 43 dedicated to the certification procedures in the General Data Protection Regulation (hereinafter GDPR). It questions the introduction of this procedure in the data protection regulation framework and argues that the purposes assigned to the certification in the GDPR meet the needs of the different contributors to the preliminary discussions to the reform. It also argues that the processes defined in Articles 42 and 43 to issue the certification diverge from the commonly accepted practices in this activity and the processes suggested in the new regulation impede its chance to be successfully implemented.
Original languageEnglish
Pages (from-to)814-826
Number of pages13
JournalComputer Law and Security Review
Volume32
Issue number6
DOIs
Publication statusPublished - 1 Dec 2016

Fingerprint

data protection
Data privacy
certification
regulation
reform
Data protection
Certification

Keywords

  • Certification
  • certification mechanisms
  • GDPR

Cite this

@article{4b6093c04f7144f1b7ba3e4715d241b6,
title = "Why the certification process defined in the General Data Protection Regulation cannot be successful",
abstract = "AbstractThis paper analyses the final version of Articles 42 and 43 dedicated to the certification procedures in the General Data Protection Regulation (hereinafter GDPR). It questions the introduction of this procedure in the data protection regulation framework and argues that the purposes assigned to the certification in the GDPR meet the needs of the different contributors to the preliminary discussions to the reform. It also argues that the processes defined in Articles 42 and 43 to issue the certification diverge from the commonly accepted practices in this activity and the processes suggested in the new regulation impede its chance to be successfully implemented.",
keywords = "Certification, certification mechanisms, GDPR",
author = "Eric Lachaud",
year = "2016",
month = "12",
day = "1",
doi = "10.1016/j.clsr.2016.07.001",
language = "English",
volume = "32",
pages = "814--826",
journal = "Computer Law and Security Review",
issn = "0267-3649",
publisher = "ELSEVIER ADVANCED TECHNOLOGY",
number = "6",

}

Why the certification process defined in the General Data Protection Regulation cannot be successful. / Lachaud, Eric.

In: Computer Law and Security Review, Vol. 32, No. 6, 01.12.2016, p. 814-826.

Research output: Contribution to journalArticleScientificpeer-review

TY - JOUR

T1 - Why the certification process defined in the General Data Protection Regulation cannot be successful

AU - Lachaud, Eric

PY - 2016/12/1

Y1 - 2016/12/1

N2 - AbstractThis paper analyses the final version of Articles 42 and 43 dedicated to the certification procedures in the General Data Protection Regulation (hereinafter GDPR). It questions the introduction of this procedure in the data protection regulation framework and argues that the purposes assigned to the certification in the GDPR meet the needs of the different contributors to the preliminary discussions to the reform. It also argues that the processes defined in Articles 42 and 43 to issue the certification diverge from the commonly accepted practices in this activity and the processes suggested in the new regulation impede its chance to be successfully implemented.

AB - AbstractThis paper analyses the final version of Articles 42 and 43 dedicated to the certification procedures in the General Data Protection Regulation (hereinafter GDPR). It questions the introduction of this procedure in the data protection regulation framework and argues that the purposes assigned to the certification in the GDPR meet the needs of the different contributors to the preliminary discussions to the reform. It also argues that the processes defined in Articles 42 and 43 to issue the certification diverge from the commonly accepted practices in this activity and the processes suggested in the new regulation impede its chance to be successfully implemented.

KW - Certification

KW - certification mechanisms

KW - GDPR

U2 - 10.1016/j.clsr.2016.07.001

DO - 10.1016/j.clsr.2016.07.001

M3 - Article

VL - 32

SP - 814

EP - 826

JO - Computer Law and Security Review

JF - Computer Law and Security Review

SN - 0267-3649

IS - 6

ER -