This year’s ICDPPC in Brussels was a spectacular and significant event. A record crowd of attendees participated in the debates on the topic of ethics as an essential part of data protection choices in a technology-dominated world.
There were about 40 side events before and after the conference. Public space was at a premium, and so Nymity was fortunate to snag an hour and a half in a beautiful marble hall in a museum near the Royal Palace. The room was comfortably filled by a mixed group, some from business, others from academia or regulators’ offices. They had trekked the 20 minutes from the centre of town to hear about the research Nymity has conducted over the last three years and how the results of those efforts have shaped its compliance tools.
Accountability was the central theme of the event. Accountability has always been at the heart of Nymity’s perspective on compliance. It was the common thread in the development of the research Nymity has done in the recent Regulator project. The inclusion of accountability in the GDPR confirms its centrality as the basis for effective data protection efforts by organizations.
I noticed how attentive the audience was as Paul Breitbarth, Nymity’s Director of Strategic Research and Regulator Outreach, highlighted the efforts Nymity has made over the last two years to understand from regulators what is required to be considered truly accountable. He discussed how Nymity then translated that research into reality with appropriate tools, including privacy compliance software solutions. His slides illustrated how accountability shapes the organization of evidence needed for certification under the GDPR, as well as for the several reports to regulatory authorities which are now required.
Teresa Troester-Falk, Nymity’s Chief Global Strategist, followed and recounted her real-life experiences with organizations in various jurisdictions on several continents. She showed how Nymity’s comprehensive and principles-based tools adapt successfully to the details of many current regulatory environments.
In the ensuing panel discussion, Christopher Docksey, Honorary Director-General of the EDPS and a long time supporter of Nymity’s work, told the audience how important his rereading and understanding of the accountability principle had been, prior to the adoption of the new Regulation, as he worked through the practicalities of data protection in his own office and the European Union.
As the Former Privacy Commissioner of Canada and Nymity’s Regulator Advisor, I, in turn, was able to remind the audience of how accountability emerged as a central data protection pillar in the international community, from its adoption by the OECD in 1981 to the Madrid Declaration of Data Protection Commissioners in 2010 to its prominent inclusion in the GDPR in 2016. As the OECD revises its Guidelines once again in the coming year, the implications of being accountable will be revisited. Given the influence of these Guidelines, any significant modification will doubtless be mirrored in Nymity’s programs.
Time rushed on and the room was requisitioned by the participants at the next Side Event. Coffee and biscuits fortunately materialized for the many attendees who wanted to chat further with the Nymity team. Overall, I was impressed by the seriousness and the sophistication of the audience at this event, and I left wishing that all Nymity activities could happen in such palatial and inspiring settings.
If you want to learn more about how Nymity’s tools can support your accountability and privacy compliance efforts,