Validation of the STAR training materials

As part of the validation of the STAR training materials we are looking for the feedback of DPAs and DPOs. The overall goal of the validation process is to further increase the quality of the materials and to develop a supporting handbook for trainers. Therefore we encourage you to use them during your training activities and share your impressions and opinion via email (linkor by filling this short questionnairelink.

Furthermore, as the materials are ready (and are available at link), we would like to kindly ask you to utilize them during your training activities to be held in the upcoming months. Respectively, we would be glad to join your event to see how the materials are performing in real-life environment and discuss your experience therewith in person. Thank you for helping us develop and ameliorate the STAR training materials!

Advertisements

STAR training materials for use by DPAs and DPOs are available

Based on the gathered feedback from DPAs and DPOs the the first iteration of the STAR training materials and supporting documents have been developed, in particular:

  • 11 training topics focusing on the GDPR,
  • seminar materials (i.e. Microsoft PowerPoint presentations) for each one of the topics with detailed guidance for trainers and suggested reading materials,
  • training scenarios,
  • a takeaway reference GDPR checklist,
  • a ten-point GDPR introductory list,
  • an evaluation questionnaire for attendees.

These materials are freely and publicly available in a digital form at the project’s website: http://www.project-star.eu/training-materials.

The materials are expected to be tested and validated in real environment by DPAs and DPOs, therefore they will be continuously refined and updated until the conclusion of STAR (31 October 2019).

To further increase the quality of the materials and to develop a supporting handbook for trainers we encourage you to use them during your training activities and share your impressions and opinion via email (link) or by filling this short questionnaire: link.

Findings of the STAR interviews with DPAs and DPOs

The aim of the STAR project is to contribute to fostering the harmonisation of training activities on the General Data Protection Regulation (GDPR), to ensure that the goal of unifying data protection at European level is not undermined by scattered training of operators in the public and private domains. As the first step is to overview the requirements for training materials, existing training practices and the training materials available in this domain, the STAR consortium partners conducted a series of semi-structured, qualitative interviews with

  • a) senior representatives of several Member States’ DPAs,
  • b) DPOs, data protection experts, and other stakeholders, and
  • c) other stakeholders who do not hold training responsibilities, but who were able offer additional perspectives

between January and April 2018. Furthermore, the consortium collected existing training materials that the research consortium obtained from the interviewees and by carrying out extensive research on the DPA websites, as well as on the websites of other organisations that provide GDPR training services. In total, the consortium was able to interview 17 DPAs, including two German State DPAs (Landesbeauftragter für Datenschutz), 15 DPOs and data protection experts who are in charge of training activities in their organisations, other stakeholders without training responsibilities, such as civil servants and similar officers, as well as a DPO organization. On top of these interviews, a total number of 87 sample training materials have been collected and catalogued by the consortium, and a sample of 60 of such documents have been analysed and evaluated.

The aim of these activities was to inform the requirements for training materials and provide the consortium with an overview of existing training practices and the training material available in this domain.

A key finding of the interviews is that the approach and points of view of DPAs and other stakeholders diverge in terms of substantive training as much as they do with regard to the current and prospective training methodologies. On the one hand, authorities tend to deliver (and consider most important to deliver) more institutional, theoretical training on the GDPR, aimed at creating in trainees a clear picture of the legal framework in which both regulators and regulated operate. On the other hand, other stakeholder trainers, in particular those who provide training for a profit, tend to focus on more operative aspects, such as procedures and methods to comply with the GDPR provisions.

In terms of training methodologies, face-to-face, in-class training is preferred both by DPAs and by other stakeholders, but they are interested in technologies that allow trainers to reach a higher number of stakeholders, such as webinars to train all employees of a certain company, or videos for the general public. The target of the training however differs, as the drivers and ultimate goals of DPAs and other stakeholders also differ.

In terms of existing training materials, practices also vary, with a strong focus on general slides and not functional guides and checklists. As this deliverable shows, this best-practices-mapping exercise allowed the consortium to identify several aspects worth considering, such as necessary graphic elements, a serious need to pay attention to accessibility, and similar aspects.

These findings are explained in details in Deliverable 2.2 Report on the findings of the interviews.

Support Training Activities on the Data Protection Reform (STAR)

Classroom by Vitor Antunes; CC: CC BY-NC-ND 2.0, 2006 via FlickrWe are proudly announcing a new research project, STAR: Support Training Activities on the data protection Reform, launched in November 2017 with a kick-off meeting in Budapest. This 24-month project, co-funded by the European Union (EU) under its Rights, Equality and Citizenship programme (2014-2020), is coordinated by the Research Group on Law, Science, Technology & Society (LSTS) at the Vrije Universiteit Brussel (VUB), and brings together UK’s Trilateral Research Ltd and the Nemzeti Adatvédelmi és Információszabadság Hatóság (NAIH), the Hungarian Data Protection Authority (DPA).

The STAR project will support training activities of EU DPAs and Data Protection Officers (DPOs) on the EU data protection reform, especially on the General Data Protection Regulation (GDPR). The GDPR requires both to undertake training activities (Arts 57(1) and 39(1)(b)). The development of materials in isolation increases the overall costs, it risks undermining the harmonising effect of the Regulation, and it puts great pressure on consistency mechanisms. STAR will aim to provide with necessary and efficient training materials and resources by:

  1. formulating training topics in close cooperation with stakeholders,
  2. authoring training materials, and
  3. validating and testing them in pilot training sessions.

This output will be freely and publicly available in a digital form. Although STAR targets EU DPAs and DPOs,  it shall also benefit other privacy professionals in the EU and beyond.

STAR supports the legal obligations of DPAs and DPOs to undertake training activities and, in order to facilitate their work, will provide them with ready-made, easy-to-customise and easy-to-run training materials, easily adaptable to specific training situations. STAR will also provide to the European Data Protection Board (EDPB) with common training programmes (Art 70 GDPR). The main outputs are thus the training materials and resources themselves. While their exact format and nature will be refined in cooperation with stakeholders, the following will at least be included:

  1. Training scenarios for each training category,
  2. A Seminars’ Topics List, based on the training scenarios,
  3. Seminar Material for each one of the seminars,
  4. Webinars (selected from the Seminars’ Topics List),
  5. A training Handbook,
  6. A takeaway reference GDPR checklist, and
  7. a ten-point GDPR introductory list.

The STAR project writes itself into the legacy of several concluded research projects to which its partners have been previously involved, in particular both PHAEDRA projects (Improving Practical and Helpful cooperAtion betweEn Data Protection Authorities I and II; 2013-17) and ARCADES (Introducing dAta pRoteCtion AnD privacy issuEs at schoolS in the European Union; 2014-16). These projects aimed at, inter alia, recommending how to ensure smooth co-operation of DPAs – including how to work together to raise awareness about privacy and personal data protection (law) – or how to teach these matters to children.

The first press release of the newly launched STAR project is available here.

Please also follow project’s developments on Twitter at @projectSTAR_eu as well as on ResearchGate.