The General Data Protection Regulation Contributes to the Rise of Certification as Regulatory Instrument
16 Pages Posted: 26 Mar 2017
Date Written: March 25, 2017
Abstract
This paper argues that the endorsement of certification in the General Data Protection Regulation (hereinafter GDPR) makes of this procedure a new type of regulation instrument filling the gap between the self-regulation and the regulation. The lawmaker leveraged the flexibility with which certification schemes can be rearranged to turn this procedure into something else than the optional process attesting the conformity with technical standards. This tool has been officially endorsed as a regulation instrument into the GDPR. It is organized through a co-regulation arrangement involving the authorities in the design and the management of the schemes in order to ensure its legitimacy and reliability. It will be mainly used for attesting the conformity of data controllers and processors with the fundamental rights applicable to the European citizens.
Keywords: Data Protection Certification, Privacy Certification, Data Protection Seal, Privacy Seal, Co-regulation, Self-regulation
Suggested Citation: Suggested Citation