EPIC to European Data Protection Board: GDPR Certifications Should Uphold Rights Above Privacy Seals

In the first public consultation held by the European Data Protection Board, EPIC proposed a rights-based certification criteria for the General Data Protection Regulation. The Data Protection Board is now the lead privacy agency in Europe. EPIC explained the risks of self-regulatory certification mechanisms, pointing to TRUSTe and the Facebook audits obtained by EPIC that wrongly certified Facebook's compliance with the 2011 FTC Consent Order. EPIC said, certification mechanisms "must be developed by national DPAs and implemented in conformity with the fundamental principles and rights of the GDPR." EPIC has also advised the UK Information Commissioner's Office and the Irish Data Protection Commissioner on GDPR enforcement.


« EPIC to Congress: Declassified Russian Meddling Report Should be Released | Main | EPIC Joins Coalition Urging Congress to Investigate Destruction of Records on Family Separation »

Share this page:

Support EPIC

EPIC relies on support from individual donors to pursue our work.

Defend Privacy. Support EPIC.