Skip to content
  • «
  • 1
  • »

The search returned 2 results.

ISO/IEC 27701 Standard: Threats and Opportunities for GDPR Certification journal article

Eric Lachaud

European Data Protection Law Review, Volume 6 (2020), Issue 2, Page 194 - 210

The paper assesses the possible consequences for Article 42/43 certification of the publication of the ISO/IEC 27701:2019 standard. This new ISO standard establishes a management system that aims to manage ‘the processes for protecting the capture, accountability, availability, integrity, and confidentiality of personal data.’ The conformity with the standard’s requirements is certifiable by the private conformity assessment bodies interested in providing this service to businesses. The paper shows that ISO/IEC 27701:2019 based certification has many assets to dominate the market of data protection certification. It offers operational advantages to businesses that are looking for a readymade solution to streamline information security and data protection. A strong uptake of ISO/IEC 27701:2019 based certification could threaten Article 42/43 certification by creating two competing approaches of data protection compliance. But it could also offer the opportunity to improve the general level of data protection and encourage the European supervisory authorities to clarify the relationships they intend to establish with ISO privacy standards. Keywords: certification, privacy, ISO, self-regulation, standardisation


Certification in Data Protection: New and Old Issues Concerning Certifiers’ Liabilities journal article

Anna Rita Popoli

European Data Protection Law Review, Volume 6 (2020), Issue 3, Page 390 - 406

The article examines the various forms of liabilities that accredited certification bodies may incur in operating in the field of data protection, while also trying to offer some suggestions to improve the harmonisation in the pathological phase of litigation in certification mechanisms. Keywords: GDPR, Data Protection, Certification, Contractual Liability, Tort Liability, ADR/ODR

  • «
  • 1
  • »