privacy certification

On June 16, 2016, the French data protection authority (“CNIL”) launched a public consultation on the General Data Protection Regulation (“GDPR).   The consultation focuses on four priority themes set out in the Article 29 Working Party’s 2016 Action plan:

  • the data protection officer;
  • the right to data portability;
  • data protection impact assessments; and
  • certification.

Continue Reading The CNIL and EDPS Launch Public Consultations

By Fredericka Argent

The UK’s Information Commissioner’s Office (ICO) has announced that it is looking to introduce a system of “privacy seals” for organizations doing business in the UK.  The seal is intended to be a consumer-facing stamp of approval demonstrating that a particular organization is meeting or surpassing the compliance requirements of the UK’s Data Protection Act.  The ICO expects that this will provide numerous benefits, both for companies, who could gain an advantage over competitors, and for customers, who should feel confident entrusting their personal information to companies displaying the seal.  It is hoped that the privacy seal will incentivize good data protection practices across UK businesses.

The privacy seals themselves will be delivered by third party operators who are endorsed by and work with the ICO.  It is expected that different operators will focus on different sectors, meaning that accreditation schemes can be tailored to particular industries.  For example, an operator handling the privacy seals for mobile app companies may be different to the operator assigned to healthcare service providers.  A privacy seal will only be awarded to an organization once they have demonstrated that they meet the relevant data protection standards.
Continue Reading The UK’s Data Protection Regulator to Introduce “Privacy Seals” for Businesses