Technical Standards as Data Protection Regulation

Jane K. Winn, University of Washington - School of Law

4/23/2008
(Original Publish Date: 4/10/2008)

Two important features of European integration have been a deepening commitment to information privacy as a fundamental human right, and the successful integration of technical standards into regulatory frameworks to support the growth of the internal market. This paper will explore the costs and benefits of trying to integrate technical standards into European data protection laws as a possible strategy to enhance compliance and enforcement efforts. Adapting the successful New Approach model for harmonizing industrial standards to dynamic and volatile ICT markets will be difficult, however. While product standards are commonly used to achieve social regulation goals, it is unclear whether ICT standards can be used in a similar manner. Accepting the discipline imposed by better regulation principles, and adopting new perspectives on the legitimacy of regulatory bodies, might increase the chances that ICT standards can be harmonized with data protection laws, which in turn might increase the practical impact of those laws.