The GDPR makes over 70 references to data processing certification in line with its art. 42, including for cross-border data transfers (Art. 46). Similar certification mechanisms are embedded in other data protection regulations. This session will provide an overview of the latest developments in data protection certification in Europe and internationally. The session will start by introducing the recent evolution of data protection certification. The Swiss Supervisory Authority (FDPIC) will present the experience and perspective of data protection certification in Switzerland based on many years of experience. The Council of Europe (CoE) will provide a complementary perspective on data protection certification at the international level. The European Centre for Certification and Privacy (ECCP) will present and discuss some innovative models in certifying the compliance of data processing under the GDPR and other regulations. The session will conclude by a panel discussion on expectations, challenges and opportunities with regards to international and mutual recognition of such certification.
• What are the lessons learned and opportunities with data protection certification?
• What is the potential for international recognition of data protection certification?
• What are the differences between universal, specific, and hybrid certification mechanisms? What are their benefits and disadvantages?
• What challenges organisations face following the adoption of the GDPR?
• What are the current state-of-the-art certification solutions for certifying and demonstrating GDPR compliance?