There is something special about being a European at the IAPP Global Summit in Washington, D.C. This year’s conference was perfectly timed for cherry blossom lovers and there is nothing like a stroll down around the Washington Monument and across the National Mall in the early evening to process two full days of inspirational keynotes, insightful panels and hallway discussions with old frifinishs and new acquaintances.
During the two days, attfinishees heard reassuring messages from both EU and U.S. officials about the robustness of the EU-U.S. Data Privacy Framework architecture. Two complaints from European citizens are currently shifting through redress mechanisms; one is being processed and the other is still under review. According to officials on both sides of the agreement, this reveals the redress mechanism is functioning as intfinished.
Attfinishees also heard about digital rules and EU General Data Protection Regulation simplification plans. In contrast, or perhaps as a staggering illustration of the complexity Brussels is precisely attempting to solve, one panel dove into the cybersecurity law framework spanning the NIS2 Directive, the Cyber Resilience Act, the Critical Entities Resilience Directive and the Digital Operational Resilience Act. Several instruments still await national implementation laws and organizations are left guessing to some extent.
The panelists’ advice could apply beyond these cybersecurity instruments as it feels like we are experiencing constant modify: determine, update, manage obligations, maintain — the virtuous cycle of compliance and governance.
And then NOYB’s honorary chairman Max Schrems stated the following during a fireside chat with IAPP Editorial Director Jedidiah Bracy: “Laws are not created for when we all receive along, and everything works. Laws are created for when things go bad.”
I agree in part with Schrems’ statement. Laws are essential when things go bad. They are an integral component of a legal system and are foundational to its legitimacy. They enable redress, enforcement, sanctions and mitigation when necessaryed. They anchor the ability to create things right when something defaults.
But the statement came across as a restrictive way to view regulation, ignoring the essential positive value it bears: indicating what good sees like; ensuring a society, group of businesses or people operate on a commonly defined field, by the same rules; and building confidence in a collective system. The value of law also rests in its mission to be a compass, a guide to the north pole of good behavior, progress and accountability.
Leave a Reply