M. Àngels Barbarà i W. WieWiórowski, Palau de la Generalitat
The first steps in application of the new European General Data Protection Regulation (GDPR) and its interpretation were the focus of the symposium organised by the Catalan Data Protection Authority (APDCAT) in the Auditorium of the Palau de la Generalitat on 14 June.
The GDPR introduces better control over the processing of personal data
The Assistant Supervisor at the European Data Protection Supervisor (EDPS) Wojciech Wiewiórowski delivered the symposium’s inaugural address, entitled “The General Data Protection Regulation (GDPR), a key element in better control over the processing of personal data”, in which he outlined the goals and improvements the new Regulation pursues throughout the European Union.
Mr. Wiewiórowski stressed that the new Regulation affects not only the protection of personal data, but also the free circulation of information. He spelled this out very clearly by explaining that “we like to travel like people, not like merchandise. Data cannot be merchandise; it is information about us, our children, our friends; in short about human beings”.
Advance towards information governance and embrace corporate digital responsibility
Following Mr. Wiewiórowski’s address, the APDCAT director Maria Àngels Barbarà spoke about “Information governance and corporate digital responsibility”, urging organisations to “take an active role in managing information through the use of emerging technologies”.
Ms. Barbarà referred to the concept of personal information “governance” to underline that “we must prepare ourselves to meet the new challenges that technologies can mean for people’s rights. We cannot become passive spectators of our own lives. Relations between people and organisations must be based on the values of trust, transparency and responsibility with respect to the data processing being undertaken”. The APDCAT director emphasised that “innovation must be respectful and sustainable with regard to values and rights: we cannot leave control over our lives to an algorithm.”
Continuing with this line, she highlighted the importance of bearing in mind that “complying with the Regulation is not only a matter of protecting data; it is also necessary to protect the people to whom those data refer.”
During her speech Ms. Barbarà also pointed out that “organisations that process data must ensure their users know and understand what data processing operations they are conducting and that these users are aware of the consequences this processing could entail for them.” By way of conclusion she stressed that “the values and principles that make up the right to data protection must be the foundations on which the digital society is built.”
Continuing to disseminate the key points of the new European Regulation
The symposium continued with a round table on “Who has control over personal data?”. Participants included the Professor of Computer Science, ICREA-Acadèmia Researcher at the Universitat Rovira i Virgili, director of the UNESCO Chair in Data Privacy and founder of CYBERCAT, Josep Domingo-Ferrer, and the director of the Privacy and Digital Transformation Chair Microsoft-Universitat de València, Ricard Martínez.
Finally, the event was closed by Xavier Gatius, general secretary at the Digital Policies and Public Administration Department of the Government of Catalonia.
It should be mentioned that, two years after it entered into force, the European General Data Protection Regulation became fully applicable as from last 25 May. Consequently, the APDCAT continues disseminating in the most effective way possible the key points of the Regulation and extending its analysis to include new criteria being developed by the European institutions.