ICO releases summary of discussions between G7 data protection authorities
How will the G7 data protection authorities cooperate in the future and how will this cooperation potentially shape data protection within those countries?
The key takeaway
The G7 data protection authorities will begin to cooperate more closely in the coming years to harmonise best practices, know-how, legislative developments and enforcement across all the countries in a number of key areas.
Following meetings conducted on 7 and 8 September 2021, the Information Commissioner’s Office published a communique which summarised the discussions it had with other data protection authorities in the G7 and their commitments going forward.
As the communique notes, more data is being generated, collected and used than ever before globally, which means that data protection authorities will have to become better at anticipating, interpreting and influencing the advances on how data is used.
The meetings covered seven separate topics under which the authorities agreed on several steps to be taken:
1. Privacy and competition – Cross-regulatory collaboration to support a robust global digital economy
- Strengthening the collaboration between the G7 data protection authorities and domestic competition authorities on the regulation of digital markets.
- Sharing know-how with each other with the view to foster consensus, set norms and facilitating practical actions on protecting individuals’ rights and maintaining competitive digital markets.
- Advocating for greater collaboration between the authorities and competition regulators.
2. Shaping the future of online tracking
- Initiating strategic dialogue between the G7 data protection authorities and technology firms, standards bodies, designers and other parties to examine the role that tech developments play in creating a more privacy-oriented Internet, upholding and preserving the principle of informed and meaningful consent.
- Continued collaboration between data protection authorities on widening efforts to improve standards of data protection by websites.
3. Designing artificial intelligence in line with data protection
- Advocating a central role for data protection authorities in the future governance on AI.
- Creating dialogue on the principles that should govern responsible development of AI.
- Exchanging intelligence and expertise on novel applications of AI and their privacy implications.
4. Redesigning remedies for the digital age
- Sharing information and experience on what regulatory remedies work best.
- Advocating for legislatures to ensure that remedies keep up pace with technological changes and maintain sufficient party across jurisdictions.
5. Pandemic-driven tech innovations
- Proactively demonstrate a commitment and ability to move quickly when needed, while ensuring high standards in data protection.
- Advocating for innovation that meets public needs and protections peoples’ privacy, which will keep pace with technological change.
- Ensuring the proliferation of new technologies developed during the pandemic and their use for good and with privacy and data protection in mind.
6. Government access and data flow at international level
- Engaging G7 Governments to support progressing initiatives at international level on Government access to personal data held by private companies and agreeing principles for the same.
- Sharing relevant developments in the law and practice and coordinate domestic advocacy and policy efforts.
- Developing constructive and appropriate relationships with other domestic oversight bodies to ensure consistent approaches to privacy and data protection.
7. Development of a framework for cross-border transfer of personal data and cooperation between G7 data protection authorities
- Promoting a more open and frequent dialogue between data protection authorities to facilitate discussions.
- Exchanging experiences and practices in the governing of emerging technologies and innovations to foster interoperable regulatory approaches.
- Identifying opportunities for greater enforcement cooperation, including starting by developing a shared understanding of the legal frameworks and enforcement practices across jurisdictions.
Why is this important?
The discussions between the various data protection authorities signal a clear intent for more cooperation and potential harmonisations in terms of both enforcement approaches and legislative developments within the G7.
Businesses, especially tech companies, should keep a keen eye on any developments on the closer cooperation between the authorities, especially in the light of enforcement and data protection standards.
Any practical tips?
While high level, the G7 data protection authority discussions show where the future regulatory lines will be drawn in the data future. This is relevant for all tech companies, but particularly those at the cutting edge of innovation where data tracking and AI play such an important role. Keeping a close watch on how this is playing out on a macro scale may well pay huge dividends in the future.