This panel drives an interdisciplinary discourse on the transparency and accountability principles as manifested in the GDPR. We characterize the emerging field of privacy engineering with current examples from techno-legal research, industry reports, and their critical evaluation. Doing so, we delineate as to why the current practice with regards to transparency and accountability does not unfold its potentials, which policy implications we should aim for, and how technological advances can help here. The speakers focus on the practical implementation and new forms of transparency and accountability enhancing technologies in line with the givens of large-scale IT infrastructures processing personal data. In addition, the debate will oscillate between the perspectives of data controllers and data subjects’ rights and actual needs.
• What is the state of the art in effective privacy engineering for transparency and accountability?
• What are the guiding principles for their legal and technical implementation and enforcement?
• How can we support the communication between legal, technical, and supervisory data protection roles?
• How to reconcile conflicting business goals with regulatory obligations and how to enhance day-to-day compliance for everyone?