EU data pro­tec­tion watch­dog laun­ches accoun­ta­bi­li­ty initiative

On June 7, 2016, the EU’s top data pro­tec­tion offi­cial Gio­van­ni But­tarel­li infor­med in a Press release that the Euro­pean Data Pro­tec­tion Super­vi­sor (EDPS) has laun­ched an accoun­ta­bi­li­ty initia­ti­ve. The EDPS will visit various EU orga­niz­a­ti­ons to edu­ca­te them about their future accoun­ta­bi­li­ty under the GDPR. While the accoun­ta­bi­li­ty initia­ti­ve is pri­ma­ri­ly aimed at EU insti­tu­ti­ons and aut­ho­ri­ties, it should also ser­ve as an incen­ti­ve for natio­nal data pro­tec­tion authorities.

The GDPR brings with it a shift in accoun­ta­bi­li­ty and thus a chan­ge in cul­tu­re. EU orga­niz­a­ti­ons will incre­a­singly have to take respon­si­bi­li­ty for data pro­tec­tion and it will be up to them – and not the data pro­tec­tion aut­ho­ri­ties – to demon­stra­te com­pli­an­ce. The GDPR ensh­ri­nes accoun­ta­bi­li­ty of orga­niz­a­ti­ons as a princip­le and obli­ges them to imple­ment appro­pria­te tech­ni­cal and orga­niz­a­tio­nal mea­su­res to ensu­re the rights of data sub­jects. For this pur­po­se, the que­sti­onn­aire deve­lo­ped by the EU Data Pro­tec­tion Offi­cer (EDPS data pro­tec­tion accoun­ta­bi­li­ty que­sti­onn­aire) ser­ve as a template.