Accountability in the EU data protection reform: Balancing citizens’ and business’ rights

Abstract

The principle of accountability has been present in the field of data protection and privacy for several decades. Recently, accountability as a data protection principle gained fresh prominence with the revision of the data protection frameworks by the leading actors – the OECD, the Council of Europe, and the European Union. Anticipating the adoption of the General Data Protection Regulation, this contribution examines the positions of the EU legislative actors on Article 22 defining the responsibility of the data controller (“the general accountability article”). To date, there has been little agreement on the limitations of the newly introduced Article 22 and its practical implications for individuals and business. As such, this contribution analyses the debates that took place among the Council of the EU, the European Parliament and the European Commission throughout the negotiation process of General Data Protection Regulation. The contribution aims at providing new insights into the underpinning values and objectives of the accountability article.