“Data protection seal of approval.” A 2008 book on data protection in Germany proposed creating independent auditing agencies who would inspect public and private organizations. If the organizations met standards for data protection, transparency, data security, etc., they would be issued the auditors’ “quality seal” which they could use in their marketing materials as a reputation booster. The auditors would be motivated to keep their own reputation high by not being pushovers, presumably. Multiple reliable auditors could watch each other. Set up well and done honestly, these inspections could ultimately enhance efforts at leak control by keeping whistleblowing from being the only way visible to try to fix the most broken organizations. When these inspectors published what criteria they used to calculate their ratings, smaller organizations down to families and individuals could learn tips about improving their own data protection.
Judging by online search results, squabbling about which data protection inspection seals are worthy may have already begun. There appears to be understandable concern that a company that produces consumer credit scores, which many Germans view with suspicion, also dipped its toe in the data protection certification business. Possible other models suggested for such an independent inspection system included the feared TÜV inspections and Biosiegel (“certified organic.” Bio means organic in German. Öko means treehugger.). An early boost was provided when a German state created demand for the certificate by requiring independent data-protection certification for products, programs and services used by state offices.
(DOT en shoots ZEEG ell.)