And there we were: Presentation of the Privacy Tech White Paper at the National Assembly

 

Members of Privacy Tech were in the Questure apartments at the French National Assembly on the evening of April 10th, to present their White Paper. The white paper has been supported from the beginning by Paula Forteza who wrote the preface and Axelle Lemaire, author of its introduction. This 250-page document proposes a new governance for data in the 21st century by developing standards for data circulation and protection as regulatory tools.

Supported by Mazars and Capgemini Invent, the preparation of the white paper brought together European Legal Tech, Reg Tech and Privacy Tech players, from Qwant to Cozy Cloud, including FING, Stiftung Datenschutz or Ctrl-Shift. Their contributions and several months of work testify to the French and European commitment to the creation of common standards for the protection of personal data.

Couldn’t have said it better

Paula Forteza, Member of Parliament for France in Latin America and the Caribbean, explains the problem to which the white paper responds in its preface:

“On May 25th, 2018, the General Data Protection Regulations (GDPR) came into force. As the creator of new rights for citizens, it proclaims four main rights: the right to forget, the right to rectification, the right to portability and the requirement of free and informed consent. The proclamation of these rights, although a necessary prerequisite, cannot be sufficient. The main challenge today is to make these new possibilities known and understood by users so that they can take advantage of them. This is all the more necessary since the entire balance of the GDPR is based on this idea: since citizens hold new rights, digital actors no longer have, as a matter of principle, to make a prior declaration to the CNIL to start an activity processing personal data. Control thus becomes, in the first instance, a citizen. This is a new and more balanced form of regulation that does not restrict innovation, while respecting users’ rights. However, a major challenge remains: empowering users to exercise their rights.”

 

 

Axelle Lemaire, former Secretary of State for Digital Technology and Innovation, continues in the introduction to explain the solutions and expected responses to address this issue, as well as their importance for citizens:

“This necessary work is not, however, due to a pitfall in the text, but to gaps in the ecosystem’s capacity (communities of developers, States, companies, various organizations) to transform it into a competitive tool. While the objectives are good and necessary, there is currently no support for ecosystem members to enable a change in perception and full exploitation of the GDPR. This requires work on the definition of ergonomics, design and standards of use so that the GDPR protects, but that it is not harmful to the user experience. A considerable effort will also be required in terms of standardizing standards.”

The GDPR is a major legislative advancement in the world of innovation. It lays the foundations for a digital economy whose greatest value is the trust placed by the data subjects in the controllers. Therefore, the GDPR ensures new and fundamental principles and rights for citizens (such as the right to portability, consent or privacy by design).

 

Privacy Tech and Legal Tech Store

Since the purpose of Privacy Tech is to stimulate French excellence in the field of Privacy, it has partnered with AFNOR to develop a certification program. The purpose of this is to support individuals and/or companies in the French ecosystem by issuing them trusted seals or certificates so that expectations may be universal in various organizations of all sizes.

Thus, the certified Privacy Tech solutions are intended to be distributed in the Legal Tech Store, within the “best of Legal Tech”.

 

What happens next?

The implementation of the legal trust framework naturally requires the development of a common framework to harmonize practices on a global scale. Following this white paper and this event,  an international collaborative body will coordinate all the stakeholders to propose common standards, labels and good practices.

Read the white paper here and subscribe to the latest news from Privacy Tech, its members, and the contributors and supporters.