The discussion featured esteemed speakers including Prof. Dr. Hielke Hijmans, Chairman of the Litigation Chamber at the Belgian Data Protection Authority and member of the Executive Committee; Lorelien Hoet, Director of EU Government Affairs at Microsoft; Nathaly Rey, Head of Privacy Regulatory Strategy & Compliance at Google Cloud; and Dr. Ricardo Campos, Professor at Goethe University Frankfurt, Director of the Instituto LGPD, and Member of the Data Protection Commission at the Federal Council of the Brazilian National Bar Association. The session was moderated by Gabriela Mercuri, Managing Director at SCOPE Europe.
Panellists delved into the processes that led to the increasing incorporation of codes of conduct as instruments to support regulatory implementation in the realm of EU law. They discussed the potential of these tools to address core challenges in the data protection field, exploring how they can optimize the dissemination of stringent technical and organizational measures.
Dr. Hielke Hijmans made important reflections from the perspective of a data protection authority, discussing the challenges for GDPR implementation and harmonization across the EU, while analysing the crucial role of enforcement to ensure the robust protection of data subjects rights.
Prof. Ricardo Campos, who is an active researcher in the field of self and co-regulation, made insightful observations on how these tools can play an important part in supporting effective regulation, especially considering the complexity of modern technologies and global value chains.
Nathaly Rey shared valuable practical insights on the cloud industry’s pioneering experience with the development and implementation of the EU Cloud CoC, the first transnational GDPR code of conduct to become operational under Article 40 GDPR. In this context, she highlighted how the meaningful collaborative efforts between the industry and data protection authorities were indispensable to set robust privacy standards for the entire cloud ecosystem.
Against this background, Lorelien Hoet brought up vital points while discussing how the GDPR experience can be leveraged for other regulatory frameworks within the evolving data economy. In this spirit, she walked the audience through the incorporation of codes of conduct into other current regulatory initiatives, emphasizing key synergies and differences that shall serve as a baseline for upcoming developments.
Finally, the speakers addressed areas for improvement and exchanged on potential reasons behind the fact that only very few codes of conduct were approved after six years since GDPR became applicable. During these closing remarks, they provided an overview of the practical hurdles to develop and approve a code of conduct, while exploring effective solutions to boost the dissemination of these tools.
SCOPE Europe and the EU Cloud CoC community were delighted to participate in the discussions this year in Venice. We eagerly anticipate future opportunities to continue these valuable exchanges. We extend our heartfelt gratitude to all the speakers and collaborators for their support.