Since the adoption of GDPR in 2016, the data protection regulatory landscape around the world is changing faster than ever before. Countries are updating existing privacy and data protection rules or introducing completely new laws, imposing stricter norms on organisations and providing more rights for individuals. From 2020, California and Brazil and various other countries and regions will be subject to more data protection rules, whilst debates on data protection rules continue in Canada, in various African countries and in India, to name but a few. At the same time, questions are being raised if these new laws are enough. Are we really able to come up with rules that are future- and technology-proof? Or do we keep running behind the facts? Especially in the age of big data, machine learning, algorithms and artificial intelligence, legislation seems to struggle to keep up. This panel will explore if a broader adoption of the accountability principle in law, as well as an operationalisation of the principle by companies, can serve as one of the keys to better compliance.