As data-driven technologies continue to advance at unprecedented pace, protecting individuals’ personal information and ensuring their privacy remains a top priority for lawmakers and businesses worldwide. As the end of this legislative cycle in Europe nears and five years after the implementation of the GDPR, the 13th Annual European Data Protection & Protection Conference will be both reflective and forward-looking, exploring the challenges, successes, and lessons learned regarding tech regulation these past few years, and discussing how all stakeholders in the data privacy realm can continue to work towards a future where privacy remains a cornerstone of our data economies and societies.
Providing a continuous exploration into the ever-evolving realm of data protection and privacy, the conference will highlight the next trends and priorities in ensuring individual’s trust in digital tech, the importance of interoperability with various data privacy rulebooks worldwide and the role of privacy innovation as a powerful catalyst for progress. The conference will also feature thought-provoking discussions on the delicate balance required to ensure that the use and deployment of AI technologies in Europe do not compromise our fundamental rights.
GDPR Five Years On: What’s Next?
Global Data Privacy Landscape & Interoperability
Privacy Innovation & the Power of Data
Privacy in the AI Era
Commissioner for Justice
Secretary of State for Digitization, in charge of Administrative Simplification, Privacy and Building Administration
Federal Government of Belgium
European Data Protection Supervisor
Head of Unit, Data Protection, DG Justice
Head of Unit, International Affairs and Data Flows, DG Justice
Head of the Data Governance and Privacy Unit
Member of the Board of the Guarantor for the protection of personal data
Italian Data Protection Authority
Deputy Director International Data Flows
Information Technology Lab,
U.S. Department of Commerce
AI Technology Expert
Deputy DPO and Cybersecurity Expert
Chief Privacy Officer
Global Privacy Officer and Head of EMEA Government Affairs
Director General, Policy — EMEA
BSA | The Software Alliance
Head of Data Public Policy, Europe
Director of EU Government Affairs
Open Data Institute
Director of CDT Europe
Europe Policy and Advocacy Director
Co-Founder and CEO
EU News Correspondent
Senior privacy and data protection analyst
Policy Fellow, Global Privacy
Future of Privacy Forum
*** TIMES ARE IN CET ***
Considered a ‘landmark legislation’ when first introduced, the GDPR reached its fifth anniversary in May 2023, with both its accomplishments and limitations put to the forefront.
It is recognized that enforcement has varied significantly across Member States, with lack of resources and divergence of administrative practices within DPAs identified as the main challenges affecting the overall effectiveness of GDPR enforcement. As the European Commission is due to undertake a GDPR review by May 2024 and at a time when the EU’s legislative cycle is slowing down ahead of the European elections, this session will take stock of what has been achieved in the past five years, lessons that have been learnt and discuss the extent to which the recently-released GDPR Procedural Regulation can address the challenges that have been identified to ensure the smooth and consistent application of the GDPR within the EU, as well as examine the implications for businesses. It will also examine the interplay between GDPR enforcement and other digital regulatory frameworks, as well as level of cooperation amongst DPAs and with other regulatory authorities, as stakeholders reflect on what the priorities on tech regulation in the next mandate should be to address the accelerating pace of technology developments, the protection of fundamental rights and the promotion of innovation in the European data economy.
The global data privacy landscape has quickly evolved since the implementation of the GDPR, which was then considered a global benchmark that would shape the way other nations and regions could approach privacy legislation. A majority of countries have now passed or are in the process of updating their national privacy framework, shedding light on points of regulatory alignment but also divergence between different rulebooks ,as regional and national data sovereignty approaches are becoming more prominent, making it challenging for global organisations confronting different laws emanating from nations with varying interests. Strengthening cooperation between different countries and regions is deemed crucial to foster synergies and interoperability between privacy standards in order to boost cross-border data flows which underpin socio-economic development and global commerce, and are necessary for innovation to thrive.
Exploring the latest on various frameworks and initiatives such as the EU-US Data Privacy Framework, the G7’s Data Free Flow with Trust, the latest work done at OECD level, the Global CBPR or the DEPA initiatives and the impact that the UK’s GDPR reform may have, as well as examining the mechanisms and tools such as adequacy decisions and model clauses to provide businesses with legal certainty, this session will focus on the importance of promoting interoperability with discussions delving into the potential for enhanced cross-regional cooperation to bolster privacy standards.
Continued innovation in data-enabled and cloud computing technologies has provided businesses and government agencies with valuable insights about individuals demographic information, preferences, and habits in order to improve products, services, research, crisis response and address socio-economic challenges. Being able to extract essential information to drive transformative innovation without identifying individuals and alleviating risks is now more crucial than ever. Privacy-by-design and by-default are the fundamental principle of embedding data protection safeguards at the heart of new digital products and services, but how does this look like in practice?
This session will explore the role of data protection engineering in operationalizing the data-protection-by-design and by default principles during the collection, processing, analysis, and sharing of data, as well as in building trust and empowering individuals to participate in a data economy that benefits society equitably. It will provide an overview of existing PETs, PPTs and PPDSA technologies – such as differential privacy, synthetic data, data masking, federated learning technology, and techniques allowing the processing of personal data in trusted cloud execution environments or on-device – and examine their benefits, applicability, as well as good practices. It will examine the role they can play in the successful creation of European Data Spaces by balancing maximum data availability with the highest standards of data protection within trustworthy data management, in line with the overall objectives of the Data Governance Act, before discussing how privacy innovation development and uptake can be further encouraged.
The rise of generative AI models in the past year has captured the attention of Europeans and individuals around the world and reshaped the way legislators are looking to regulate the technology, especially with regards to data privacy as questions around compliance and the legal basis of personal data used in the context of AI have been raised. The delicate interplay between the advancement of both foundation and general purpose AI models with the protection of privacy have taken centre stage and it is recognised that an appropriate ethical and legal framework governing privacy, transparency and accountability issues is necessary to shape responsible AI practices given the role that the technology is set to play in our societies and democracies. As negotiations on the EU’s AI Act are expected to conclude before the end of the year (*at time of writing), this session will focus on how the traditional data protection principles that have shaped the GDPR (purpose limitation, data minimisation, integrity, confidentiality, the limitation on automated decisions etc…) fit with Europe’s ambitions to bolster the deployment and use of AI technologies.
To discuss sponsorship and visibility opportunities at the 13th Annual European Data Protection & Privacy Conference, please contact Anne-Lise Simon on [email protected].
Exclusive speaking positions | Your organisation can contribute to the discussion.
Engaging and Interactive format | Engage in a fully immersive and interactive debate with decision makers, businesses and policymakers.
European and global outreach | Convey your message to a broad and international audience.
Networking opportunities | Connect with your fellow attendees during coffee and lunch breaks throughout the event.
Visibility Opportunities | Ensure maximum visibility through branding in the room, on the event website and marketing activities.
Applies to: Corporate Organisations, Trade Associations, Law Firms
Applies to: NGO / Not for Profit, Academic / Student
Applies to: European Commission / Parliament / Council, National Government / Regulator, Diplomatic Missions to the EU, Permanent Representations to the EU, Accredited Journalists
Thon EU Hotel
Rue de la Loi 75, 1040 Bruxelles, Belgium
This event will take place fully in person. There will be no virtual component to this year’s edition.
For more information on any aspect of this event, please contact Anne-Lise Simon using any of the details below.
Director | Head of Event Planning and Coordination
Sign up to receive updates on our upcoming policy events. We will only send you emails about the conferences and topics that interest you, and you can unsubscribe at any time.