Review G29 President, Isabelle Falque-Pierrotin, speech about the role of Data Protection Officers during the “université des DPO”.
What is the G29 ?
The “G29” is the Article 29 Working Party made up of representatives from data protection authority of each EU member state, the European Commission and the European Data Supervisor. Launched under the Data Protection Directive of 1995, The Article 29 Working Party gives expert advice about data protection to the EU member states and third countries.
Currently, the President of G29 is Isabelle-Falque Pierrotin who is also President of the CNIL (French National Agency regulating Data Protection).
Isabelle-Falque Pierrotin attended the “Université des DPO”, a French event organised on January 24, 2018 by the AFCDP (French Association of Data Protection Officers) and dedicated to Data Protection Officers. Every year, hundreds of compliance professionals come to attend conferences and workshops. Our Data Protection Officer attended the event, here’s what to remember of Isabelle Falque Pierrotin’s speech.
G29 President, Isabelle Falque-Pierrotin, talking about the role of the Data Protection Officer.
The role of the Data Protection Officer
CNIL’s President affirmed that the role of DPO is still under construction. As of 25 May, the DPO will be responsible for personal data management and data protection strategy within his organisation. In order to carry out his duties, the DPO will need:
- His own ressources,
- To work in close collaboration with all staff members, regardless of their position,
- A complete independence in the exercise of his duties.
GDPR: IMPORTANT FINES ARE NOT THE PURPOSE
According to Isabelle Falque-Pierrotin, the main purpose of the General Data Protection Regulation is, for each citizen, “to take back the control of their personal data”. Although the GDPR gives authorities the power to levy more substantial fines; “fines alone won’t be enough”.
The real purpose of the GDPR is to motivate organisations to respect rights and data of their users.
Finally, the G29 President declared that May 25, 2018 will not be the deadline for organisations since only major security failures will be sanctioned in the first place. In short, data protection authorities are willing to help organisations achieve GDPR compliance.
Photo credits : (cc) Olivier Ezratty