Don’t know the candidates, the selection criteria, or how the Irish DPC appointment committee was selected. Still I find it a bit unfortunate that a formal complaint is being placed based on a person’s past experience. Nothing in the complaint filed before the European Commission (irrespective of its (in)admissibility) demonstrates any actual conflict of interest. Instead, it is all presumptive, all tied to allegedly “reasonable” doubts.
The issue with that is that a person is not defined by the employer they once had – especially if, as is the case here, it is a former employer from several years ago.
I have previously highlighted the fact that digital rights campaigners have found no problem joining regulators’ ranks, even some who previously acted as complainants in significant cases.
If a former lobbyist should be prevented from joining a regulator because regulators are in charge of enforcement (which involves examining both sides of an argument, not just one*), shouldn’t a complainant also be prevented from joining because that shows bias and thus a predisposition to favour one side over another?
[* I invite anyone claiming otherwise to show me where the GDPR or any other law applicable to data protection authorities says that regulators should be biased against controllers/processors. Being entrusted with fundamental right protection doesn’t mean “privacy > all else” or that all allegations are well founded.]
It is also odd that the complaint focusses on bias while stating explicitly that the chosen candidate doesn’t have expertise (“merely lobbying for large tech firms does not bestow upon an employee the necessary technical or legal expertise to understand how that firm processes data, or whether its actual technical practices in reality comply with data protection law”). If lack of technical expertise about how a firm processes data is a limitation, then surely academic and campaigner profiles are also equally limited, given that they are looking from the outside.
In other words, if a lobbyist is not welcome, neither should anyone who is a campaigner (because they are biased), a lawyer (because they will have defended one side or another), an academic (because they will be too far removed from actual processing activities of organisations), a governmental official (because they are biased for the government, which is a controller too), etc.
This is precisely why organisations have mechanisms in place to manage conflicts of interest and have teams to support one another.
The Irish government appears to be satisfied with the selection process, which suggests that the committee took every candidate seriously and that they found no reason to consider there was any actual conflict of interest. [see end quote: https://lnkd.in/edPBEBJX]
And what makes my opinion worth anything? Nothing – but given the coverage this is getting, I think another perspective deserves to be heard.
Previous thread on the topic: https://lnkd.in/eKz-YhfM
Did this analysis get you thinking? Reach out!
DataLaws.net is entirely open-access, and instead of getting your data in exchange for this content, how about another trade? If this commentary saved you research time or sparked an idea, feel free to invite me over for tea, chai or a hot chocolate next time you are around Brussels or Antwerp - or invite me over to your offices for a chat!
Get in touch ↗ Let's connect on LinkedIn ↗