Mr Jérôme Commodi
Project manager and lawyer at the CNPD, Jérôme COMMODI oversees various initiatives under the CERV (Citizens, Equality, Rights and Values Programme) as well as other European and national programmes.
He is currently coordinating the WTOON Project for the European Commission, which aims to educate teenagers about the risks associated with social networks and how to protect their privacy and personal data. Jérôme also led the ALTO Project for the European Commission within the CERV programme, in partnership with the Luxembourg House of Cybersecurity. This initiative addresses the challenges faced by start-ups and small to medium-sized enterprises in achieving GDPR compliance.
Additionally, Jérôme was an experienced inspector in the Investigation Division of the CNPD Luxembourg and provides data protection training to companies and stakeholders in Luxembourg.
Jérôme COMMODI holds a degree in European Law from the University of Luxembourg and has acquired over ten years of professional experience as a lawyer specializing in European, civil, and commercial law.
Sessions in which Mr Jérôme Commodi attends
Monday 12 May, 2025
Generative AI development and deployment is exploding, but the recent EDPB Opinion 28/2024 and early enforcement actions (notably the fine against OpenAI by the Garante in Italy) signal that compliance with the GDPR must be taken seriously from the outset. Against this backdrop, our panel will explore how to build trust and avoid pitfalls when developing and deploying LLMs in Europe. We’ll examine the evolving legal landscape—and whether it leaves enough room for meaningful innovation....
The rapid expansion of Artificial Intelligence is reshaping the digital landscape, introducing both opportunities and challenges for consumer autonomy and data protection. AI has the potential to deliver highly relevant services, enhancing consumer engagement and satisfaction, but it can also generate outputs that may be misleading, inaccurate, or manipulative, potentially exacerbating consumer vulnerabilities and reducing consumer agency.
AI systems are becoming more integrated into critical decision-making processes, which makes questions of liability and accountability more pressing than ever. If an AI-based decision goes wrong, who is responsible? This session will unite experts from Meta, Italian Institute for Privacy and Data Valorisation, AI Law Tech Institute, SGS, and CNPD to explore the evolving frameworks for AI liability and the role of certification in building respons...
Tuesday 13 May, 2025
The session will begin with the presentation of research work on the evaluation of the benefits of compliance (combining costs, returns, gains of compliance analysis). The objective will be then to discuss on the KPIs that can be used to measure the positive returns of compliance by incorporating the perspectives of stakeholders who advocate, monitor, implement, control, or finance compliance actions.
While the EU has set a global benchmark with GDPR, effective privacy enforcement requires collaboration beyond its member states. This simply means that privacy doesn’t stop at borders, and neither should data protection. European Data Protection Authorities face growing challenges in aligning regulations, sharing strategies, and tackling cross-border data transfers with non-EU countries. This session brings together data protection professionals...
There is a lack of consensus among governments about what it means to be trusted and how to determine what constitutes a trusted cloud service provider in the context of data protection and cybersecurity. Without a common framework and criteria to assess trustworthiness, there will continue to be a lack of trust in data flows, hindering innovation and growth in today’s data-driven economy. This panel will discuss the development of a criteria-bas...
From GDPR to emerging AI regulations, organizations must navigate complex frameworks while ensuring seamless data flows across borders. This session will bring together experts to discuss practical strategies for overcoming regulatory conflicts, enabling responsible data practices, and fostering global cooperation. Key questions
Wednesday 14 May, 2025
This session promises to dive deep into the real-world impact of data anonymization and synthetic data, exploring how these techniques are being used to protect privacy in different industries. Experts of the panel will break down the myths and realities of these privacy-enhancing technologies, tackling their benefits, limitations, and regulatory challenges head-on. Key questions&nbsp...
Aiming to balance a safe and competitive digital space with the right of free expression, the interplay of these two Acts forms a critical discussion when considering the place of freedom of expression in the broader topic of privacy and data regulation. Hearing from representatives from the European Commission and legal experts, attendees of this session will gain an insight into the interplay of the Acts and how they currently sit in relation t...
With countries adopting their own unique approaches to data protection and compliance, organizations are left to navigate a maze of regulatory frameworks. The distinguished panel of this session is composed of high-level professionals and officials, from Timelex, EDPS, Digital Regulation Cooperation Forum, the Indian Ministry and many more. Together, they will explore how to address global data regulations while ensuring privacy and compliance. T...
With international data transfers under increasing regulatory and judicial scrutiny, organizations must adapt to evolving compliance challenges. From the European General Court’s ruling in Bindl v Commission to ongoing discussions around the EU-US Data Privacy Framework, the need for redundancy in GDPR transfer tools to avoid overreliance on a single transfer mechanism is crucial. This panel will explore key legal developments, risks, and ...
A dedicated meeting to exchange knowledge and showcase innovative approaches to privacy and compliance, bringing together esteemed authorities, organisations, and research projects. It offers a unique opportunity to explore and engage with practical resources, including tools designed to support compliance with data protection regulations.The Exhibition Area will be held in the Atrium of the Scuola Grande di San Giovanni Evangelista and will be accessible the whole week ...
The right to transparent, free, unbiased and pluralistic information is a pillar in democratic societies, allowing citizens to think critically and challenge their own perspectives before making decisions and judgements. With insights from academics and practitioners, this panel promises to be an interesting debate at the intersection of freedom of expression, democracy and data regulation.
Focusing on the legal situation of freedom of expression regarding data regulation, this panel session welcomes high-level practitioners and academics of the field. Referring to specific pillars of law, this debate promises to clearly outline the place of freedom of expression in the current legal climate. Key questions
This session will bring together a distinguished panel of professionals from Kenya, Senegal and Nigeria to share their perspectives on the obstacles and opportunities of data regulations in Africa, unpacking the complexities of compliance, enforcement and the digital market. If you are navigating privacy and data laws in Africa, this is a conversation you cannot afford to miss. Key ...
The Universal Declaration of Human Rights (UDHR) stands as a foundational document that seeks to protect both our dignity and freedoms. But how does Article 30, which sets boundaries on rights, interact with the rights we hold dear in the digital age? In this session, the panel will present the complex relationship between freedom of expression, data protection, and the human rights framework, with a focus on Article 30 of the UDHR and the Eleano...
Growing up in the digital age means that children are exposed to data collection before they even learn to read. This insightful session explores ways in which a safer online space can be created for the next generations, and how to enforce meaningful protection, while balancing innovation with responsibility and empowering young users to navigate the internet safely. Key questions
Thursday 15 May, 2025
Children have increasing access to the internet, which also exposes them to significant risks. The Regulation on Child Sexual Abuse Material (CSAM) represents a crucial step in addressing these dangers, aiming to protect children from online exploitation while respecting their privacy rights. This session will explore the current and upcoming regulations, examining their implications for fundamental rights and the ...
Deep dive into the practical sides of data protection certification, exploring how it can be a true motivation for operational efficiency. From the challenges that organizations face when pursuing certification to the real-world impact on data security, professionals of the industry will discuss how certification can move beyond compliance and become a strategic asset. Whether you’re looking to get certified or you’re curious about what goes behi...
A dedicated meeting to exchange knowledge and showcase innovative approaches to privacy and compliance, bringing together esteemed authorities, organisations, and research projects. It offers a unique opportunity to explore and engage with practical resources, including tools designed to support compliance with data protection regulations.The Exhibition Area will be held in the Atrium of the Scuola Grande di San Giovanni Evangelista and will be accessible the whole week ...
The European Data Protection Seal is a golden standard for demonstrating compliance, helping organizations navigate the complex world of GDPR. With Europrivacy officially recognized as a European Data Protection Seal, certification is no longer a theoretical idea but a tangible reality. In this engaging session, the distinguished panel of speakers will explore the impact of certifications, the lessons learned from ...
This session will take a deep dive into the evolving process of assessing AI’s impact on fundamental rights, transitioning from traditional Data Protection Impact Assessments (DPIA) to the Fundamental Rights Impact Assessment (FRAIA). The speakers will explore how to practically apply these assessments in AI development and deployment, ensuring that privacy and human rights remain at the forefront.
Patients trust healthcare providers with their most sensitive data, but are their rights truly being upheld in practice? From the right to access medical records to the challenge of data portability and consent management, ensuring compliance becomes not only a legal requirement but also an ethical responsibility. This session tackles the real-world struggles of ensuring data subjects’ rights in the healthcare system and explores practical soluti...
Distinguished speakers will come together in this session to explore how data protection standards can be harmonized across regions, as the need for convergence and interoperability is more urgent than ever. They will dive into the obstacles and opportunities of creating a truly interconnected certification landscape. ...
We must see bias out that door. This session dives into the challenges of mitigating bias, ensuring fairness and explainability by design. Learn how to approach fairer and more inclusive models that prioritise ethics and accountability.
Friday 16 May, 2025
Imagine a future in which medical research, innovation, and patient care seamlessly benefit from secure data sharing across Europe. European Health Data Spaces are designed to make this vision a reality, but how do they work in practice? This session goes beyond policy and legal frameworks to explore the real-world implementation of European Health Data Spaces and what they mean for future healthcare innovation.