Oh to be a privacy regulator, these days.
Who else gets to contemplate horribly complicated issues, treading a fine line between the needs of citizens, global organisations, public authorities and SMEs?
And who else gets to contemplate it in Mauritius?
From 13 to 16 October, some of the worlds finest data protection minds will be working out how to keep the sand out of their laptops as they contemplate more effective ways to regulate the digital universe.
The theme of the 36th international data protection and privacy commissioners conference is “A world order for data protection – our dream coming true?”
One look at the host’s website certainly indicates that someone’s dream will be coming true. If anyone ever wanted to know about data protection and snorkeling, then this the place to go. Oh, to be paid to attend a privacy conference at a stunning resort hotel, located on pristine white sands overlooking the bay of Balaclava. I want that job.
I should not snide though. I’m likely to be in London (or Dublin) helping data controllers appreciate how best to avoid the critical gaze of their regulator. Not in the tropics.
To be fair, the delegates in Mauritius will be faced with a pretty packed programme. And I do hope that a good number remain for the final speaker, Marie Georges. A good number of them will probably never have heard of her. Even her job title, “Independent Expert and Member of the Fundamental Rights European Expert Group,” doesn’t give that much away.
But I know better.
I still I last saw her a few months ago in Brussels, and first met her several decades ago. Marie was (effectively) the person who drafted much of what we have come to know and love as the 1995 Data Protection Directive. Yes, it is her work that has become so out-of-date that it now needs to be replaced by another legal instrument. So it is probably fitting that the regulators should thank her politely before consigning her work to the statutory waste paper bin.
I have vivid memories of happy times, punting with her on the river Cam, during a privacy conference in Cambridge. Well, to be fair, some Cambridge graduate was doing all the punting. We were both just enjoying a glass or two of bubbly – as well as the view. I didn’t agree on her views on privacy back then, particularly on her insistence that it was right that policymakers be able to argue and negotiate their positions on the then (draft) Data Protection Directive in private, rather than in public.
I’m not sure whether she has changed her views about many data controllers. Particularly about those who shouted at her during the conference when they didn’t agree with her views on the need for tighter rules on direct marketing. Yes, data protection was a hotly contested topic back then, too.
To be fair, I don’t expect that the delegates will be shouting at each other this year. Many already know what they think about each other, and that’s enough.
I predict that we won’t be seeing too many public displays of disaffection.
Perhaps an argument about how to moderate public expectations of privacy in an internet age. Google will probably get another going over.
And perhaps a murmur of gratitude from the consultants present to thank the regulators for making data protection laws so complicated that data controllers will absolutely have to rely on their advices even more over the coming years.
Then, everyone can close their laptops and, if they have time before their long flight home, appreciate whatever other delights Mauritius has to offer the tired traveller.