023052 dataprotectionhuntonpaper fin


February 22, 2017



The U.S. Chamber of Commerce, along with privacy experts from Hunton and Williams LLP, identified seven key attributes of Data Protection Authorities (DPAs) that contribute to effective data protection governance. The report also explores how the level of effectiveness varies based on difference in the structure, roles and resources of a DPA.

The common thread among all the DPAs reviewed is that truly effective DPAs treat those they regulate as partners instead of adversaries. The most effective DPAs share a commitment to promoting education and awareness and to guiding and assisting the regulated community in a consistent manner, while exercising discretion and good judgment. They also possess a desire to improve through feedback and a willingness to act in a transparent manner. In addition, we found that DPAs that exhibited an aptitude for collaboration and gaining insight into the changing business and technology environments have a greater impact in their respective jurisdictions.

Seven Key Attributes of Effective DPAs

1. Effective DPAs Promote Education and Awareness

2. Effective DPAs Seek Feedback

3. Effective DPAs Offer Guidance and Assistance

4. Effective DPAs Are Judicious

5. Effective DPAs are Transparent

6. Effective DPAs Strive for Coordination and Cooperation

7. Effective DPAs Are Business and Technology-Savvy