AmCham member representatives warmly welcomed Datatilsynet Director Bjørn Erik Thon to the first 2021 meeting of the Digitalization Forum. Given ongoing US-Europe Privacy Shield negotiations, the virtual roundtable dialogue – which ranged from COVID-19 era concerns to the digital platform economy, GDPR, and Grindr – was particularly timely.
Speaking both to the breadth of participants and the reach of Datatilsynet, Thon commented how the COVID-19 pandemic has highlighted the role of data protection in nearly every sector, ranging from health to education, financial technology to infection control, and how the landscape of today’s data protection looks much different than at his start.
When taking the helm at Datatilsynet in 2010, Thon noted that much of the data we see in “an internet minute” was not put to use. In the time since, he and his team have had to readjust and reassess how they work, seeing an exponential jump in users, data collection, and data utilization fuelled by a continuously expanding offering of services.
After the digital shift of 2020, and regardless of GDPR efforts, Thon asserts that it is not possible for consumers to know exactly what is happening to their data. The sheer volume of information available, the importance of transparency, and the ever-changing requirements for accountability make the jobs of both technology companies and Data Protection Agencies ever-more challenging.
This pragmatism, and accompanying understanding of the role of data in everyday interactions, was an assuring takeaway from the discussion. Thon signalled a desire to encourage communication between businesses and government in order to strengthen consumer rights and enact actionable regulations.
Briefly discussed was the European Data Protection Board and its role as an arbiter between governments and industry as they strive to be compliant and protect users, a diverse arena requiring a creative and holistic approach, AmCham argued in its letter to the EDPB. Thon commented that Norway is a strong and active member of the EDPB, noting the complexity of issues addressed and the room for improvement.
A refreshing new approach to regulation that Datatilsynet is taking is its Regulatory Sand Box program. The program brings industry together with regulators to creatively address new questions within the ethical application of AI and use of personal data. It indicates an interest in thinking creatively and cooperatively in meeting the challenges ahead, and we look forward to both following the current cohorts’ progress and seeing who applies for future iterations.
In answering both the questions already posed, and those yet to come, we look forward to building upon this dialogue, and encouraging a strong working environment for our members through solid, predictable data protection regulations, and open discussion.