IDEAS home Printed from https://ideas.repec.org/a/aza/jdpp00/y2019v3i1p69-81.html
   My bibliography  Save this article

Learning to walk a tightrope: Challenges DPOs face in the day-to-day exercise of their responsibilities

Author

Listed:
  • Eggl, Barbara

Abstract

The present paper takes the provisions of the General Data Protection Regulation (GDPR) on the data protection officer (DPO) as a starting point to assess how the role is developing in practice, and discusses the challenges DPOs may face in the day-to-day exercise of their responsibilities. In particular, the paper focuses on how the stipulations covering the function can be implemented in practice, taking into account that a balancing act may often be required when designing it, and when choosing the best person for the role. The paper explores how the functional independence of the DPO can be ensured, discussing the tension between the role of DPO as independent advisor of the organisation, while still either being an employee or a contractor of the organisation. Attention is being paid to design of the position, that is, the positioning of the DPO (internal versus external DPO, part-time or full-time DPO), the hierarchical position in the organisation and the resourcing of the DPO, as well as the required knowledge (data protection expertise, legal background, IT background, risk management and audit experience, but also in-depth understanding of the controllers’ processing operations). The paper concludes that all elements set down in the GDPR must be duly combined and weighed in order to ensure that the DPO can fulfil their role in a manner that not only complies with the letter, but also with the intention of the law. As time progresses, it will not become easier for DPOs to fulfil their tasks, but rather more demanding. On the one hand, this is due to the increasing complexity of processing operations (including the fact that processing for various reasons is taking place in the cloud), which requires DPOs to understand both the business needs, but also technical intricacies in more detail. On the other hand, organisations are fascinated by and want to make use of new technologies, which may often be challenging from a data protection point of view. The paper concludes that, like the tightrope walker, the DPO is constantly balancing — when the balance is right, both the organisation and the DPO benefit.

Suggested Citation

  • Eggl, Barbara, 2019. "Learning to walk a tightrope: Challenges DPOs face in the day-to-day exercise of their responsibilities," Journal of Data Protection & Privacy, Henry Stewart Publications, vol. 3(1), pages 69-81, July.
  • Handle: RePEc:aza:jdpp00:y:2019:v:3:i:1:p:69-81
    as

    Download full text from publisher

    File URL: https://hstalks.com/article/5172/download/
    Download Restriction: Requires a paid subscription for full access.

    File URL: https://hstalks.com/article/5172/
    Download Restriction: Requires a paid subscription for full access.
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    More about this item

    Keywords

    data protection officer; independence; data protection; compliance; privacy; accountability; independent advisor;
    All these keywords.

    JEL classification:

    • K2 - Law and Economics - - Regulation and Business Law

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:aza:jdpp00:y:2019:v:3:i:1:p:69-81. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Henry Stewart Talks (email available below). General contact details of provider: .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.