Issues with data protection as command and control regulation

2020 ◽  
pp. 87-108
Author(s):  
Raphaël Gellert
Keyword(s):  
Data Protection ◽  
Command And Control ◽  
Control Model ◽  
Reform Process ◽  
Control Regulation ◽  
And Control

Chapter 3 shows that a number of the issues that data protection has encountered and which have served as the impetus for the GDPR reform process can be understood from the regulatory viewpoint. More in particular, they amount to the traditional criticism addressed against command and control rulemaking. It is possible to argue that the command and control model of regulation is based upon two assumptions. First, enforcement is operated through sanctions or the threat thereof—what is referred to as deterrencedeterrence|, and it is assumed that such deterrence always works. Second, it is assumed that the regulatory goalsregulatory goals| (and the standards and safeguards they lead to) are somewhat unproblematic. This last set of issues is multi-dimensional insofar as it affects the determination of what counts as an adequate standard and safeguard, but it also affects the implementation in practice of these standards. Just as determining what is the behaviour that will lead to the achievement of regulators is less than obvious, so is the concrete implementation and compliance with the various rules that are meant to lead to such behaviour. This is encapsulated for instance in the data controllers’ uncertainty on how exactly to apply certain data protection provisions, or in the inefficiency of a number of mechanisms such as notification obligations. Finally, due notice should be paid to technological evolutions, which can aggravate these issues.

The risk-based approach in practice

2020 ◽  
pp. 212-238
Author(s):  
Raphaël Gellert
Keyword(s):  
Risk Management ◽  
Data Protection ◽  
Command And Control ◽  
Main Tool ◽  
Methodological Issues ◽  
Regulatory Issues ◽  
Control Regulation ◽  
And Control ◽  
The Way

The goal of this chapter is to analyse some of the main caveats associated with the risk-based approach in practice, that is, with the use of meta regulation. The risk-based approach is an attempt to address some of the issues that data protection as command and control regulation has faced. However, in trying to address these issues, and in particular (but not only) through the use of risk management as the main tool of regulation, the risk-based approach creates a number of new problems. More in particular, one can distinguish between three different issues. Methodological issues concerning techniques for assessing and managing risks; regulatory issues in particular as far as the collaboration between regulators and regulatees is concerned; and implementational issues, that is, concerning the way in which risk management is actually implemented in practice, “on the ground”.

Data protection as command and control regulation

2020 ◽  
pp. 54-86
Author(s):  
Raphaël Gellert
Keyword(s):  
Data Protection ◽  
Command And Control ◽  
Historical Sources ◽  
Modus Operandi ◽  
Data Protection Directive ◽  
Control Regulation ◽  
And Control ◽  
Suitable Case ◽  
Prime Case

Chapter 2 demonstrates that data protection can be understood as command and control regulation by applying the three constitutive elements of regulation (standard setting, monitoring, behaviour control) thereto. If one wants to understand the modus operandi of newer models of regulation as applied to data protection (namely risk-based model of regulation), one must first understand the basis. That is, how data protection can be understood as regulation in the first place. This standpoint has another corollary. Since newer models of regulation are featured in contemporary statutes (with the GDPR as a prime example), an understanding of data protection as command and control regulation entails to study less contemporary statutes. The prime case study will therefore be the EU Data Protection Directive, which, even though not in force anymore is considered a suitable case for analysis as it embodies earlier models of regulation. Because this chapter is retrospective in scope (i.e. looking at previous data protection statutes in order to better understand the current ones), it often refers to historical sources of data protection (e.g. statutes and literature).

From Hierarchical Structure to Relational Networks

2015 ◽  
pp. 28-54
Keyword(s):  
Hierarchical Structure ◽  
Church And State ◽  
Command And Control ◽  
Control Model ◽  
Wealth Creation ◽  
Relational Networks ◽  
The Creation ◽  
And Control ◽  
The Church

In this chapter, the authors show how functional organizations, derived and perpetuated by the Romans, the Church, and the army of Frederick the Great, were ready-at-hand with the emergence of the industrial era and associated with the creation of wealth through a series of subsequent and specialized value-adding steps. This is a typical command and control model. The chapter shows that this is not the only model for wealth creation over the centuries, even though it continues to predominate in contemporary organizations. Relational networks existed throughout the same historical span of time and are undoubtedly responsible for the greatest accumulation of wealth. They often accumulated such a significant amount of wealth that they threatened the legacy models of church and state. Legacy thinking, directly and indirectly, continues to perpetuate questionable assumptions and cognitive blindness about how work really gets done and how wealth is really created.

Meta‐Regulation and Self‐Regulation

2010 ◽  
pp. 145-168 ◽  
Author(s):  
Cary Coglianese ◽  
Evan Mendelson
Keyword(s):  
Social Science ◽  
Self Regulation ◽  
Social Science Research ◽  
Command And Control ◽  
Science Research ◽  
Regulatory Governance ◽  
Conventional View ◽  
Control Regulation ◽  
And Control ◽  
Two Alternatives

The conventional view of regulation emphasises two opposing conditions: freedom and control. Government can either leave businesses with complete discretion to act according to their own interests, or it can impose regulations taking that discretion away by threatening sanctions aimed at bringing firms' interests into alignment with those of society, as a whole. This article focuses specifically on two alternatives to traditional, so-called command-and-control regulation: namely, meta-regulation and self-regulation. It defines these alternatives and situates their use in an overall regulatory governance toolkit. Drawing on the existing body of social science research on regulatory alternatives, this article identifies some of the strengths and weaknesses of both meta-regulation and self-regulation, and considers how these strengths and weaknesses are affected by different policy conditions.

scholarly journals A discussion on the resilience of command and control regulation within regulatory behavior theories

2012 ◽  
Vol 1 (1) ◽  
pp. 15-24
Author(s):  
K.P.V. O’Sullivan ◽  
Darragh Flannery
Keyword(s):  
Policy Making ◽  
Choice Behavior ◽  
Command And Control ◽  
Internal Dynamics ◽  
Internet Regulation ◽  
Regulatory Behavior ◽  
Control Regulation ◽  
Behavior Theories ◽  
And Control

This paper provides the first insights into the factors that may drive the resilience of command and control regulation in modern policy making. We show how the forces of uncertainty and internal dynamics among customers, producers and regulators are the most dominate factors preventing the adoption of non-CAC regulations. Using case study evidence of internet regulation, we then integrate our analysis into the most prominent regulatory choice behavior theories and illustrate that regardless of the theory, these factors can help explain the dominance of command and control as a choice of regulation.

Sign in / Sign up

Export Citation Format

Share Document