Claude-Étienne Armingaud, CIPP/E, Partner, Data Protection Privacy and Security Practice Group Coordinator, K&L Gates
Gabriela Mercuri, Managing Director, SCOPE Europe
Jörn Wittmann, Director Privacy Legislative Strategy and Public Policy, Volkswagen AG
Codes of conduct overseen by accredited monitoring bodies are one of the breakthrough innovations introduced by EU General Data Protection Regulation. As part of its accountability framework, GDPR not only shifted the onus of demonstrative compliance, but also created the possibility for stakeholders to engage in co-regulatory practices. The goal was to allow the industry to support regulatory implementation by developing workable guidance to concretize the GDPR’s provisions. More flexible than other previously adopted compliance tools, CoCs generated high expectations, particularly in the wake of Schrems II, as a possible solution to address international data transfers and enable legal foreseeability. CoCs have not yet reached their full potential, with only a handful of national CoCs deployed and even less at the pan-European level. However, as the cloud ecosystem leads the way, this panel will explore the background of this sectoral success while highlighting CoC’s benefits, as well as their limitations.
What you will learn:
• How to understand the relevancy of CoCs in a post-GDPR, post-Schrems II era.
• What CoCs can bring to an ecosystem, as well as what they should not be pursued for.
• The future of international data transfers amid emerging data protection systems at global levels.