DPC publishes Regulatory Strategy for 2022-2027
22nd December 2021
In its Strategy for 2022-2027, the Data Protection Commission sets out an ambitious vision for what we believe will be five crucial years in the evolution of data protection law, regulation and culture.
The breadth of the DPC’s regulatory remit cuts across all areas of personal and public life; both at national and international level. In order to develop a Regulatory Strategy that will provide effective direction for such a vast operational remit, the DPC has been careful to take account of the wider context in which it regulates, the needs of its diverse stakeholders and the evolving nature of the fast-paced and non-traditional sectors it regulates.
The Strategy is arranged according to fundamental goals, underpinned by the DPC’s mission, vision and values, which collectively contribute to the delivery of its strategic priorities. The DPC recognises that it cannot achieve its ambitions alone – new partnerships and new ways of engaging will be necessary as we look towards a future of closer convergence. Nonetheless, the DPC builds from a position of confidence: we are a Regulatory office with ambition, a clear sense of purpose, a history of achievement, and a future of considerable promise.
In order to prepare this Regulatory Strategy, the DPC has engaged in a period of iterative consultation with a broad range of stakeholders, both internal and external, gathering insights and experiences of how the application of the General Data Protection Regulation (GDPR) has impacted the lives of individuals and organisations operating across a wide range of sectors. It is clear from the depth of thought given to these submissions that the GDPR is a matter of vital interest for many people. As is the case with any far-reaching legislation, the various interpretations from stakeholders of how best to apply the GDPR are not always in sympathy with each other. Nonetheless, the DPC is tasked with extracting the commonalities from these disparate points of view, and identifying an agenda of regulatory priorities which will drive compliance and promote better data protection outcomes for EU individuals.
One overarching objective - to do more, for more – has underpinned the strategic choices made in this Strategy, as the DPC navigates a regulatory future replete with competing priorities.