This session will review the main developments, achievements, and lessons learned on official data protection certification. It will start from the European Data Protection Seal and will present the main lessons learned from diverse stakeholder perspectives. It will compare and assess the benefit and impact of EU/EEA (Art. 42, 43 GDPR) and non-EU/EEA (Art. 46 GDPR) application of GDPR certification. It will more specifically discuss the potential of certification as a mechanism for international data transfers and will compare it to other instruments (such as SCCs, Code of conduct, etc.). We will conclude the session by discussing prospective views, with a focus on international cooperation for certification and the chance of multi-jurisdictional recognition and interoperability beyond Europe.
