They are. Let me speak about my background.
I spent 12 years in a national data collection authority as a secretary general in my country of origin. I can say that awareness and data protection in privacy culture is more than essential. You may be the best one in terms of legal analysis, but if you fail in making people aware of their rights, if you fail in being engaged with the controllers in the process, you are not on the right track.
One of the novelties of the GDPR relates to the adoption of guidelines. We've replaced 25 out of 47 legal provisions, so the GDPR is speaking about new legislation, implementing delegated acts by the European Commission with flexible guidance from controllers. They are to be adopted on the basis of an inclusive process, in active consultation with data controllers. The decision-making process by the European Data Protection Board will be very different from the one currently followed by 29 working parties.
Recently, I also started an exercise to make more accessible data protection. It is extremely complicated. It's not simple from a legal viewpoint. It's horizontal. It relates to many sectors. You should make this principle digestible in practice. There should be not only warnings, but also, on the basis of your experience, proactive exercises to explain how they may be applied in practice.
By May of next year, together with the commission, we will take part in a European Union campaign to make people aware of the new data subject's rights, but also to speak more directly to data controllers and processors to make data protection digital. I would like to focus more on making this principle effective in practice, much less “Pater Noster, Ave, and Gloria,” and more substantive principles in practice.