Data protection certifications are now a powerful tool that can define your brand’s commitment to privacy. But as privacy laws evolve at lightning speed, certifications are evolving too. In this session, we will explore the latest developments in international data protection certifications and uncover what’s next for organizations looking to prove their credentials. 

The AI and Compliance track serves as a dynamic platform for dialogue, knowledge exchange, and collaboration on the evolving legal and regulatory landscape of AI, in addition to its increasing involvement in all aspects of our personal and professional lives. This opening session welcomes the Rector of Ca' Foscari University of Venice and the Chair of the Privacy Symposium to set the stage for insightful discussions. 

Discussions surrounding the interplay of AI and Data Protection Laws will reveal how academics and practitioners from around the world manage the intersectionality of these laws. How do data protection laws and emerging AI intersect, and how do they complement each other? If you’re a privacy professional, legal expert, AI developer, or policymaker, this is your must-attend session, as it will feature professionals from Google, EDRI, DG Justice, a...

Generative AI development and deployment is exploding, but the recent EDPB Opinion 28/2024 and early enforcement actions (notably the fine against OpenAI by the Garante in Italy) signal that compliance with the GDPR must be taken seriously from the outset. Against this backdrop, our panel will explore how to build trust and avoid pitfalls when developing and deploying LLMs in Europe. We’ll examine the evolving legal landscape—and whether it leaves enough room for meaningful innovation....

This enriching session will shed light on the consequences of data scraping in regard to privacy and intellectual property rights. Data scraping refers to the automated extraction of data from websites, APIs, and other online sources, which consequently raises questions surrounding the secondary uses of such data. Attendees of this session will have the opportunity to hear from several European and global authorities on how they perceive and addr...

As AI usage seems to proliferate, international regulations may be the way to go to develop cross-border compliance and cooperation. Featuring representatives from both sides of the Atlantic, as well as renowned global think tanks, this session will discuss how organizations can effectively align themselves with international regulations to achieve convergence and interoperability.  ...

This remarkable session brings together leading experts from Google, Microsoft, the German Data Protection Authority, the European AI Agency, and the Italian State Secretary to discuss how organizations and governments can navigate AI risks while ensuring compliance. From balancing innovation with regulation to addressing ethical concerns, this discussion will provide critical insights into the future of AI governance. 

As society becomes increasingly digital, policy-makers and researchers face the complex challenge of leveraging data and algorithms to tackle critical issues in social media, artificial intelligence (AI), and privacy. At the same time, evolving data access regulations, such as those introduced by the Digital Services Act (DSA), pose significant barriers to researchers striving for transparent and equitable access to platform data. This panel brin...

AI systems are becoming more integrated into critical decision-making processes, which makes questions of liability and accountability more pressing than ever. If an AI-based decision goes wrong, who is responsible? This session will unite experts from Meta, Italian Institute for Privacy and Data Valorisation, AI Law Tech Institute, SGS, and CNPD to explore the evolving frameworks for AI liability and the role of certification in building respons...

We will inaugurate the fourth edition of the Privacy Symposium at the Official Welcome Reception. This event marks the beginning of a week rich in insightful discussions and open exchange, set in the inspiring atmosphere of Venice. Guests will have the opportunity to admire the remarkable works of Tintoretto, one of the city’s most celebrated painters, while connecting with professionals from diverse backgrounds and engaging in fruitful discussions. The evening will be enriched by...

This exclusive 2-hour session equips regulators with essential AI knowledge for effective oversight. A seasoned AI-focused leader and two technical experts will offer concise explanations of fundamental concepts—from how AI processes data (tokenization, vectorization) to advanced applications (transformers, retrieval-augmented generation, agents). Attendees will explore synthetic data’s privacy implications, AI/ML security threats (e.g., data poi...

With evolving regulations and shifting privacy frameworks, how can businesses and privacy professionals navigate the global advancements of cross-border data transfers? This insightful session will explore the latest developments on a global scale, in addition to the latest trends and practical strategies for ensuring compliance. The panel includes high-level professionals from DG Justice, Information Commissioner’s Office, European Digital Right...

This panel will discuss emergent technologies that may reduce AI risks and possible regulatory responses to such technology. 

When it comes to the relationship between privacy and antitrust, we’re entering a complex zone. On one side, we have the protection of personal data. On the other side, there are market forces where monopolistic practices and anti-competitive behavior can harm consumers and stifle innovation. This session will explore how privacy and antitrust law collide, challenge each other, and sometimes even work together to p...

From GDPR to emerging AI regulations, organizations must navigate complex frameworks while ensuring seamless data flows across borders. This session will bring together experts to discuss practical strategies for overcoming regulatory conflicts, enabling responsible data practices, and fostering global cooperation. Key questions 

Personal data defines identity. However, in a world where surveillance is invisible, data is power, and sharing is an everyday activity, does true privacy still exist? And if we lose it, do we also lose something essential about ourselves? This session will bring together experts to explore the philosophical and practical implications around the nature of privacy and what it truly means for our digital selves, fund...

After a productive day of engaging sessions, what better way to refresh than by enjoying a traditional Aperol Spritz at the Privacy Professionals’ Meet-up? Join us for a relaxed evening of conversation and connection over this iconic Italian cocktail. It’s a unique opportunity to get to know other participants of the Privacy Symposium, while enjoying a taste of the dolce vita in true Venetian style.

This panel will explore emerging Data Security and Privacy Risks with respect to Data Portability and potential Privacy tradeoffs in the EU’s Digital Package.  The panel will address whether more guidance or clarification is needed for such intersecting obligations and how Privacy protection is to be balanced with other rights and legal obligations.  

Europe’s data regulations are very intricate to form the whole picture, which means that each piece is essential, yet constantly shifting. The Data Act, Data Governance Act and GDPR are not isolated frameworks; they are deeply intertwined to shape the way we interact with the digital reality. This session unites esteemed professionals and officials from Euroconsumers, DG Justice, DG Connect, and Lativia DPA, diving beyond the legal aspect to unco...

With international data transfers under increasing regulatory and judicial scrutiny, organizations must adapt to evolving compliance challenges. From the European General Court’s ruling in Bindl v Commission to ongoing discussions around the EU-US Data Privacy Framework, the need for redundancy in GDPR transfer tools to avoid overreliance on a single transfer mechanism is crucial. This panel will explore key legal developments, risks, and ...

Explore the critical issues shaping HR data privacy in the age of AI. This panel of government and legal experts will address the complexities of cross-border data flows, emerging compliance requirements, and the implications of AI for human resources data. Discover strategies for fostering international cooperation and ensuring robust employee data protection in a rapidly evolving regulatory landscape. 

This unique session moves past the policy wish lists and into the real-world solutions that could bridge the global data divide. Experts and officials from the Italian Data Protection Authority, Federal Trade Commission, EDPB, and Mexico’s INAI will explore what’s working, what’s failing, and what steps are necessary to move towards meaningful international cooperation in data protection.  

Marking the halfway point of the conference, have a relaxing evening at the Privacy Professionals’ Meet-up.  Enjoy a refreshing spritz while engaging with other privacy experts. After a productive day of sessions, this is an excellent occasion to meet with other participants and speakers, resume discussions, and enjoy a relaxing evening.

In an era marked by the transformative potential of Generative AI and emerging Advanced General Intelligence (AGI), law enforcement and national security agencies face both unprecedented challenges and opportunities and have critical responsibilities. This panel will explore how governments can deploy these powerful AI tools without undermining privacy, data protection, and human rights. We will examine the interplay between evolving regulatory expectations, geopoli...

International organizations operate in a unique context and, as a result, face distinct challenges in developing privacy policies and personal data protection practices. Indeed, due to their status having privileges and immunities, International Organizations are not subject to laws and regulations (and related enforcement) from jurisdictions where they are established and/or where they operate. In this session, privacy leaders from three multilateral development banks (MDBs) will...

Under European law, a Transfer Impact Assessment is required when transferring personal data to third countries that are not recognized as having adequate data protection standards. It is the responsibility of the data controller to conduct the Assessment, ensuring among other factors that they evaluate the legal framework of the recipient country. This session will provide practical, hands-on guidance on how to effectively carry out a Transfer I...

The Privacy Symposium is delighted to invite you to a unique musical experience on Thursday, 15 May at 6:30 PM, where the Quartetto Pegreffi will take the audience on a musical journey inspired by Venice’s atmosphere. The concert will present a selection of pieces ranging from refined baroque elegance to rich impressionistic colours. The programme reflects the ambience and charm of the surroundings, offering a moment of pause and appreciation in the midst of the Privacy Symposium....

This workshop is designed to practice the conformity assessment procedure of AI systems in accordance with the emerging AI Act. The workshop is structured to provide theoretical knowledge and hands-on experience, focusing on the Act's obligations and requirements concerning intended use, data governance, transparency, and the technical and organizational measures implemented to ensure compliance. 

The age of generative AI is one where machines can write, create, and predict with astonishing accuracy. Still, this brings new privacy challenges as AI plays a powerful role in our lives. This session will discuss the Gen AI Code of Practice, defined as a set of guidelines that aims to govern the use of generative AI while protecting privacy rights. The panel will explore what a solid and actionable code of practice looks like and how DPOs can p...