Data Governance after GDPR

The Role of Data Protection Officers

With the acceleration towards a data-driven market economy and public sector, private companies and public institutions are changing their organizational setups to incorporate mechanisms for managing and governing data. While having employees that oversee the acquisition, storage and application of data is by no means new, the recent introduction of both national and international legislation (especially GDPR), has obligated companies, organizations and institutions – public as well as private – to appoint or hire “Data Protection Officers” (DPO). The Ethics and Politics of Data Governance research project aims to understand how organizations are changing their approaches to data protection and information security through an ethnographically informed examination of Data Protection Officers.

More specifically, the project examines the introduction of Data Protection Officers in different sectors and domains in Denmark, with the aim of understanding what this new role means for the practical implementation of data ethical standards and mechanisms within companies, organizations and institutions. The project involves conducting interviews with Data Protection Officers in addition to ethnographic participant observation at meetings, workshops and/or seminars within organizations. Finally, the project also involves scraping online data in order to probe the social networks and profiles of DPOs at a more systematic level.

In addition to research, the project also informs the courses and workshops on data governance and ethics at SODAS. Specifically, the project will contribute to the summer course entitled Data Governance: Ethics, Law and Politics.

The project is led by Kristoffer Albris, Assistant Professor of Anthropology, University of Copenhagen.