Forewords ∙ About Finding Practical Solutions (Without the GDPR)

N. van Eijk
2017 European Data Protection Law Review  
Every year the crème de la crème of privacy meets in September/October for the International Conference of Data Protection and Privacy Commissioners, the ICDPPC. This year the 39th conference was organised in Hong Kong by the local Privacy Commissioner for Personal Data. It was 18 years ago since the conference took place in Asia. I'm not a regular participant, but attended because researchers of my institute presented a very interesting study called 'A Roadmap to Enhancing User Control via
more » ... ser Control via Privacy Dashboards' (Authors are Kristina Irion, Svetlana Yakovleva, Joris van Hoboken and Marcelo Thompson). 1 The study was commissioned by the Privacy Bridges project. This project, bringing together EU and US experts, was set up a few years ago under the stewardship of Jacob Kohnstamm, the then chairman of the Dutch Data Protection Authority (DPA) and chairman of the Article 29 Working Party, to bridge differences in privacy between Europe and the US. 2 In order to become a bridge, three criteria need to be met. Bridges must involve practical steps that can be taken by defined actors within a reasonable time period. Bridges must not involve changes to constitutional principles or to the law and finally, bridges must have a positive effect on the level of privacy protection on both sides of the Atlantic. After finishing its report with defining ten possible bridges, the Privacy Bridges group decided to continue its work and to commission the aforementioned study with the objective to further investigate the second bridge. This bridge is about user control and calls on technology companies, privacy regulators, industry organisations, privacy scholars, civil society groups and technical standards bodies to come together to develop easy-to-use mechanisms for expressing individual decisions regarding user choice and consent. The outcome should be usable technology, developed in an open standards-setting process, combined with clear regulatory guidance from regulators, resulting in enhanced user control over how data about them is collected and used. In light of the location of the conference, the researchers were asked to present solutions that would not only bridge Europe and the US, but could also work across other regions, including Asia. Based on a thorough selection process, the report focuses on privacy dashboards. These dashboards are well known and have a long history, but in recent times substantial improvements have been made and dashboards therefore have new potential. Or as the report states:
doi:10.21552/edpl/2017/3/5 fatcat:vccfoaetsjegnbqarsfj3pzesy