April fool’s day is not the best day to launch a blog, but Giovanni Buttarelli, the European Data Protection Supervisor decided to put his digital pen to paper to launch a blog heralding the advent of a new era of data protection where European standards will be the “digital gold standard”
Buttarelli is referring to the General Data Protection Regulation which is expected to become law before the Summer.
Mr Buttarelli sees the two major strategic consequences of the GDPR which he describes as a “game changer” and at the core of our human dignity setting the standard for a generation:
The first consequence is that the GDPR sets up a genuine platform for global partnerships. This reflects the global nature of data flows, enabled by technologies and driven by creative, disruptive business models.Over half the countries in the world now have a data protection and/or privacy law, and most are strongly influenced by the European approach, a trend towards the ‘global ubiquity’ of data privacy. The regulation promises a wider scope for cooperation between authorities and data controllers both within the EU and internationally. It should galvanise efforts for a more consistent standard contractual clauses, speed up the validation process for binding corporate rules, and help them dovetail with similar arrangements elsewhere in the world. I hope that the new provisions for codes of conduct, seals, certification and accreditation processes will incentivise controllers inside and outside the EU to take the initiative in devising standards which are both business friendly and in the interests of individuals.
The second consequence is that data protection is no longer an optional extra. The Court of Justice of the European Union applies these rules strictly, interpreting them in the light of the EU Charter of Fundamental Rights, and favouring the rights and interests of the individual above corporate or business aims, however reasonable and legitimate. The EU cannot retreat from these core values. Data protection authorities will have to be vigilant in monitoring implementation of the GDPR, and applying the newly- amplified range of possible sanctions in case of violation.