Data protection as a corporate social responsibility
Professor Paolo Balboni and Kate Francis of Maastricht University explain their project that effectively translates ethical principles into concrete actions in the form of 44 auditable controls.
Fueled by the immense power of data, the digital revolution has transformed the ways in which we live, work, and do business. European legislation such as the General Data Protection Regulation(1) (GDPR), considered to be the most protective data protection law in the word, regulates the processing of personal data and aims to protect the rights of individuals while promoting the free flow of data.(2) The GDPR provides clear rules that organizations must abide by in the processing of personal data in order to uphold the fundamental rights of individuals, including the rights to data protection and privacy, but also the right to not be discriminated against, to freedom of religion, equality, etc. Despite the efforts of the European legislator to uphold such rights through current legislation, nearly six years after the GDPR entered into force, it is necessary that we recognize that legislation alone is insufficient to genuinely foster a sustainable, ethical, fair, and trustworthy digital economy and society.(3) The time has come therefore come to move away from considering data as an asset and to appreciate that data ethics and data protection itself represents an asset for organizations to responsibly further their economic targets.(4)
International Report subscribers, please login to access the full article
If you wish to subscribe, please see our subscription information.