Abstract
Accountability made its formal debut in the field of international data protection more than 30 years ago, when it was adopted as a data protection principle in the Organization for Economic Cooperation and Development (OECD) Guidelines.4 As of late, the policy discourse on the regulation of data protection has been rife with references to accountability. Most notably, in 2010, the Article 29 Data Protection Working Party issued an Opinion on the principle of accountability in which it elaborated upon the possibility of including a general provision on accountability in the revised Data Protection Directive.5 The European Commission has also made a reference to the possibility of introducing a principle of accountability in its subsequent Communication outlining a strategy for modernising the EU data protection framework.6 Within the context of these documents, the introduction of an accountability principle is seen mainly as a way to help ensure ‘that data controllers put in place effective policies and mechanisms to ensure compliance with data protection rules’.7 While this objective is in line with previous iterations of the principle of accountability, important nuances exist among the various documents which have promulgated accountability as a data protection principle.
1. Vice President for Global Public Policy and Chief Privacy Strategist for Oracle Corporation, USA. The statements in this chapter are solely those of the author and do not necessarily reflect the views of Oracle Corporation.
2. Legal researcher at the Interdisciplinary Centre for Law and ICT (ICRI), K.U. Leuven — IBBT, Belgium.
3. Professor in Law and IT at the Faculty of Law at K.U. Leuven; founder of the Interdisciplinary Centre for Law and ICT (ICRI); co-founder and senior partner of the IT law firm time.lex.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
Notes
Organisation for Economic Co-operation and Development (OECD), ‘Recommendation of the Council concerning Guidelines governing the protection of privacy and transborder flows of personal data’, 23 September 1980, available at http://www.oecd.org/document/18/0,3343,en_2649_34255_1815186_1_1_1_1,00.html. Accessed 30 November 2010.
Article 29 Data Protection Working Party, ‘Opinion 3/2010 on the principle of accountability’, WP 173, 13 July 2010, 3, available at http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2010/wp173_en.pdf. Accessed 8 February 2011).
See, for example, Centre for Information Policy Leadership (CIPL), ‘Data protection accountability: the essential elements a document for discussion,’ The Galway Project, 5–6 October 2009, available at http://www.huntonfiles.com/files/webupload/CIPL_Galway_Accountability_Paper.pdf. Accessed 20 November 2010;
P.M. Schwartz, ‘Managing global data privacy: cross-border information flows in a networked environment,’ a working paper by The Privacy Projects, October 2009;
Pearson and A. Charlesworth, ‘Accountability as a way forward for privacy protection in the cloud’ in Cloud Computing. First International Conference. CloudCom 2009, (eds) M. G. Jaatun, G. Zhao, and C. Rong ( New York: Springer, 2009 ), pp. 134–41.
See, for example, C. Kuner, ‘Developing an adequate legal framework for international data transfers,’ in Reinventing Data Protection?, (eds) S. Gutwirth, Y. Poullet, P. De Hert, C. de Terwangne and S. Nouwt ( Dordrecht: Springer Science+Business Media, 2009 ), pp. 263–73.
See for example, J. Koppell, ‘Pathologies of accountability: icann and the challenge of “multiple accountabilities disorder”,’ Public Administration Review, vol. 65 (2005):, pp. 94–9;
R. Mulgan, ‘“Accountability”: an ever-expanding concept?,’ Public Administration, 2000, vol. 78, pp. 555–6.
A. Sinclair, ‘The chameleon of accountability: forms and discourses,’ Accounting, Organizations and Society, 1995, vol. 20, p. 219;
M. Bovens, ‘Analysing and assessing accountability: a conceptual framework,’ European Law Journal, 2007, vol. 13, p. 448.
See M. J. Dubnick, ‘Seeking salvation for accountability,’ Paper prepared for delivery at the 2002 Annual Meeting of the American Political Science Association, 29 August to 1 September 2002, Boston, pp. 1–2, available at http://mjdubnick.dubnick.net/papers/2002/salv2002.pdf. Accessed 28 November 2010.
A. Sinclair, ‘The chameleon of accountability: forms and discourses,’ p. 221. Such connotation typically results from the nature of the subject matter, which may involve one or more assumptions regarding the modalities or implications of accountability mechanisms. For instance, in computer science, accountability is used mainly in reference to auditability and/or the use of non-repudiation mechanisms. (See also S. Pearson and A. Charlesworth, ‘Accountability as a way forward for privacy protection,’ p. 134 and
P. Malone and B. Jennings, ‘Distributed accountability model for digital ecosystems’ in Second IEEE International Conference on Digital Ecosystems and Technologies (Phitsanulok: IEEE/IET Electronic Library (IEL), VDE VERLAG Conference Proceedings 2008, pp. 452–3.) In this context accountability denotes that a system or protocol has been designed in such a way that relevant events can be reconstructed or that plausible deniability has been diminished. (See, e.g., G. Miklau, B. Levine and P. Stahlberg, ‘Securing history: privacy and accountability in database systems’ (paper presented at 3rd Biennial Conference on Innovative Data Systems Research (CIDR), Asilomar, California, USA, 7–10 January 2007, p. 387. Online Proceedings: www.crdrdb.org.) In other words, accountability is approximated to the availability of mechanisms which enable attribution of actions or events on a post facto basis. In psychology, accountability has been said to refer to the implicit or explicit expectation that one may be called on to justify one’s beliefs, feelings, and actions to others. (
J.S. Lerner and P.E. Tetlock, ‘Accounting for the effects of accountability,’ Psychological Bulletin 1999, vol. 125, p. 255. Here the focus lies on the impact of an accountability relationship on a subject’s mental state rather than on the mechanisms which enable or otherwise support accountability.
See M. Bovens, ‘Analysing and assessing accountability: a conceptual framework,’ p. 451; R. Mulgan, ‘“Accountability”: an ever-expanding concept?,’ p. 556; A. Schedler, ‘Conceptualizing accountability’ in The Self-Restraining state: Power and Accountability in New Democracies, (eds) A. Schedler, L. J. Diamond and M. F. Plattner ( Boulder: Rienner, 1999, p. 16 ).
Office of the Auditor General of Manitoba, ‘Mechanisms and practices for ensuring the accountability of legislative auditors,’ p. 2, available at http://www.oag.mb.ca/reports/Mechanisms-and-Practices.pdf. Accessed 3 April 2011. See also A. Gray and W. I. Jenkins, Administrative Politics in British Government ( Sussex: Whitesheaf books, 1985 ),pp. 137–9. linking accountability to the concept of ‘stewardship’).
See also K. S. Selmer, ‘Realising data protection’ in 25 Years Anniversary Anthology in Computers and Law, (eds) J. Bing and O. Torvund (Oslo: TANO, 1995 ): p. 63.
P. De Hert and S. Gutwirth, ‘Privacy, data protection and law enforcement. Opacity of the individual and transparency of power,’ in, Privacy and the Criminal Law, (eds) E. Claes, A. Duff and S. Gutwirth ( Antwerpen/Oxford: Intersentia, 2006 ), p. 77.
Editor information
Editors and Affiliations
Copyright information
© 2012 Joseph Alhadeff, Brendan Van Alsenoy and Jos Dumortier
About this chapter
Cite this chapter
Alhadeff, J., Van Alsenoy, B., Dumortier, J. (2012). The Accountability Principle in Data Protection Regulation: Origin, Development and Future Directions. In: Guagnin, D., Hempel, L., Ilten, C., Kroener, I., Neyland, D., Postigo, H. (eds) Managing Privacy through Accountability. Palgrave Macmillan, London. https://doi.org/10.1057/9781137032225_4
Download citation
DOI: https://doi.org/10.1057/9781137032225_4
Publisher Name: Palgrave Macmillan, London
Print ISBN: 978-1-349-35045-2
Online ISBN: 978-1-137-03222-5
eBook Packages: Palgrave Business & Management CollectionBusiness and Management (R0)