Follow

Guidelines 4/2019 on Article 25 Data Protection by Design and by Default

edpb.europa.eu/our-work-tools/

A fundamental read for advocates in (and elsewhere).

It provides a short in depth explaination of practical aspect of the legal responsibility of data controllers under .

For example it clarify that data protection measures (both tecnical and operational) must be designed to be EFFECTIVE and to be effective BY DEFAULT.

It also specifies that the cost of data-protection measures cannot be used to justify their lack of effectiveness, but only to peek the cheapest one among the effective ones.

And, obviously, the data controller is always accountable for such effectiveness.

Sign in to participate in the conversation
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.