Political and regulatory decisions focusing on the intersection of technology and data protection are taken in a fast-paced environment. Due to the dynamics of this process and the multifaceted challenges in the digital world, voluntary commitments can be implemented to react fast and pragmatically.
Therefore, Article 40 of the General Data Protection Regulation (GDPR) recommends Code of Conducts in order to “contribute to the proper application of this Regulation, taking account of the specific features of the various processing sectors and the specific needs of micro, small and medium-sized enterprises”.
The rules and regulations committed to in a Code of Conduct must be continuously monitored to ensure a proper alignment with emerging social and technological developments and also legal obligations, e.g. the GDPR. Consequently, the trust of users in digital products and services can be maintained and improved.