EPIC to European Data Protection Board: GDPR Certifications Should Uphold Rights Above Privacy Seals

In the first public consultation held by the European Data Protection Board, EPIC proposed a rights-based certification criteria for the General Data Protection Regulation. The Data Protection Board is now the lead privacy agency in Europe. EPIC explained the risks of self-regulatory certification mechanisms, pointing to TRUSTe and the Facebook audits obtained by EPIC that wrongly certified Facebook's compliance with the 2011 FTC Consent Order. EPIC said, certification mechanisms "must be developed by national DPAs and implemented in conformity with the fundamental principles and rights of the GDPR." EPIC has also advised the UK Information Commissioner's Office and the Irish Data Protection Commissioner on GDPR enforcement.


« EPIC to Congress: Declassified Russian Meddling Report Should be Released | Main | EPIC Joins Coalition Urging Congress to Investigate Destruction of Records on Family Separation »

Share this page:

Support EPIC

EPIC relies on support from individual donors to pursue our work.

Defend Privacy. Support EPIC.

Universal Guidelines for AI

UGAI image

EPIC is gathering support for the Universal Guidelines for Artificial Intelligence, which aim to inform and improve the design and use of AI.