This article builds upon the literature on regulatory intermediation to answer how and why European rule-makers rely on data protection officers (DPOs) to shape the self-regulation of private and public organizations regarding the processing of personal information. Based on the theory-testing process-tracing methodology, the article finds that while the old data protection regime (1995–2016) allowed national rule-makers to pursue their preferred policy paths regarding the regulation of DPOs, this is not the case for the new data protection regime (from 2016). The article argues that a combination of two causal mechanisms—supranational and functional—has led European rule-takers to institutionalize the designation of DPOs within broad categories of regulated organizations to motivate credibility toward data protection. The article concludes that while this policy decision enhances the self-regulation capabilities of rule-takers with the professional accountability and expertise of DPOs, European politics have made the reliance on DPOs more susceptible to the short-term interests of rule-takers.

中文翻译：

---

加强自律的可信度：欧洲数据保护制度的案例

本文以监管中介的文献为基础，回答欧洲规则制定者如何以及为何依赖数据保护官 (DPO) 来塑造私人和公共组织在个人信息处理方面的自我监管。基于理论检验过程追踪方法，文章发现，虽然旧的数据保护制度（1995-2016）允许国家规则制定者在 DPO 监管方面追求他们偏好的政策路径，但情况并非如此。新的数据保护制度（自 2016 年起）。这篇文章认为，超国家和职能两种因果机制的结合导致欧洲规则制定者将 DPO 的指定制度化，在广泛的受监管组织类别中，以激发数据保护的可信度。