Update from IAPP Europe

Privacy commissioners and data protection authorities from around the world convened in Marrakech this week for their 38th International Privacy Conference, hosted by the Moroccan DPA – the CNDP.

From a legal standpoint, the GDPR has placed the individual as the center of the law, reinforcing individual rights such as consent and conferring the new right of portability. This is increasingly important as a means to protect individual autonomy and choice. In addition, the assertion is that this should help foster innovation in a general sense, and limit individual data concentrations in the hands of the few. What seems key to the digital working group is a need to regain a higher level of confidence on the part of the individual with both the public authorities and the private sector, particularly in what concerns access to personal data by public authorities. This confidence, has been significantly eroded in recent time. This has also been a fundamental driver for discussion within the WP29. One will remember that the WP29 was instrumental in raising concerns regarding mass and indiscriminate surveillance issues in response to the proposed adoption of the Privacy Shield. Moreover, speaking generally to the work being undertaken by the WP29 in relation to the GDPR……. efforts to translate the “text provisions” into a tangible operational tool box.