Transparency within the GDPR
Transparency requires that any information and communication
relating to the processing of those person data can be easily
accessible and easy to understand, and that clear and plain
language is used. (GDPR, Recital 39).
Information and Knowledge
Information: ‘knowledge communicated or received concerning
a particular fact of circumstance’
Knowledge: ‘acquaintance or familiarity gained by sight,
experience, or report’
Transparency is more than just providing data; it is more
subjective.
On 21 Jan 2019, for example, the CNIL’s restricted committee
imposed a financial penalty of 50 million euros against
GOOGLE, in accordance with the GDPR, for lack of
transparency, inadequate information, and lack of valid consent
regarding the ads personalisation.
In September 2021, WhatsApp discharged its GDPR
transparency obligations. This includes info provided to data
subjects about the processing of info between WhatsApp and
other Facebook companies. The DPC imposed a fine of 225
million euros.
The GDPR aims to prevent transparency abuse.
Personal data shall be ‘processed lawfully, fairly, and in a
transparent manner.’ (Article 5.1(a) GDPR).
So how do we define compliance with the GDPR? Lawfully and
fairly are legal concepts, however, transparency is more of a
technical concept. Interest in Transparency Enhancing Tools
(TETs) has increased in the past few years.
Can TETs help enable transparency?
TETs include plug ins, add-ons, web pages, independent
software etc. The goal is to inform and educate users on
Transparency requires that any information and communication
relating to the processing of those person data can be easily
accessible and easy to understand, and that clear and plain
language is used. (GDPR, Recital 39).
Information and Knowledge
Information: ‘knowledge communicated or received concerning
a particular fact of circumstance’
Knowledge: ‘acquaintance or familiarity gained by sight,
experience, or report’
Transparency is more than just providing data; it is more
subjective.
On 21 Jan 2019, for example, the CNIL’s restricted committee
imposed a financial penalty of 50 million euros against
GOOGLE, in accordance with the GDPR, for lack of
transparency, inadequate information, and lack of valid consent
regarding the ads personalisation.
In September 2021, WhatsApp discharged its GDPR
transparency obligations. This includes info provided to data
subjects about the processing of info between WhatsApp and
other Facebook companies. The DPC imposed a fine of 225
million euros.
The GDPR aims to prevent transparency abuse.
Personal data shall be ‘processed lawfully, fairly, and in a
transparent manner.’ (Article 5.1(a) GDPR).
So how do we define compliance with the GDPR? Lawfully and
fairly are legal concepts, however, transparency is more of a
technical concept. Interest in Transparency Enhancing Tools
(TETs) has increased in the past few years.
Can TETs help enable transparency?
TETs include plug ins, add-ons, web pages, independent
software etc. The goal is to inform and educate users on
