The AI and Compliance track serves as a dynamic platform for dialogue, knowledge exchange, and collaboration on the evolving legal and regulatory landscape of AI, in addition to its increasing involvement in all aspects of our personal and professional lives. This opening session brings together distinguished Italian academics, officials of the region and the Director of the Privacy Symposium to set the stage for insightful discu...

Discussions surrounding the interplay of AI and Data Protection Laws will reveal how academics and practitioners from around the world manage the intersectionality of these laws. How do data protection laws and emerging AI intersect, and how do they complement each other? If you’re a privacy professional, legal expert, AI developer, or policymaker, this is your must-attend session, as it will feature professionals from Google, EDRI, DG Justice, a...

Compliance with the AI Act relies a great deal on robust risk management.  However, small and medium entreprises (SMEs) often do not have a risk management policy in place and it is difficult for them to identify, analyse, assess, and mitigate risks related to AI systems privacy and security. On the other hand, whichever methodology an organisation chooses, the underlying cybersecurity and privacy issues that accompany the use of AI systems remain technically the same. This session will ...

Generative AI development and deployment is exploding, but the recent EDPB Opinion 28/2024 and early enforcement actions (notably the fine against OpenAI by the Garante in Italy) signal that compliance with the GDPR must be taken seriously from the outset. Against this backdrop, our panel will explore how to build trust and avoid pitfalls when developing and deploying LLMs in Europe. We’ll examine the evolving legal landscape—and whether it leaves enough room for meaningful innovation....

This session will explore how to design data spaces that aren’t just legally compliant but also fundamentally structured around privacy, security, and trust. By embedding compliance in the core of data infrastructure design, we can move beyond reactive measures and create environments that foster confidence and cooperation.  Key questions 

This remarkable session brings together leading experts from Microsoft, the German Data Protection Authority, the European AI Agency, and the Italian State Secretary to discuss how organizations and governments can navigate AI risks while ensuring compliance. From balancing innovation with regulation to addressing ethical concerns, this discussion will provide critical insights into the future of AI governance. 

This panel focuses on integrating the new cybersecurity obligations introduced by the NIS 2 Directive with the GDPR’s existing requirements for data integrity and confidentiality. 

The Cyber Resilience Act (CRA) sets obligatory requirements for hardware and software products as well as infrastructure, aiming to guarantee high standards of security for all items connected to the internet. This session brings together experts to explore the CRA’s real-world implications, shedding light on the challenges, opportunities, and urgent questions surrounding cyber resilience. 

In this insightful session, experts and professionals in the field will delve into the realm of post-quantum cryptography, exploring how we can strengthen data protection strategies and secure digital infrastructure against emerging threats. The panel will share thoughts on the potential risks and how new approaches are being developed.  Key questions 

AI systems are becoming more integrated into critical decision-making processes, which makes questions of liability and accountability more pressing than ever. If an AI-based decision goes wrong, who is responsible? This session will unite experts from Meta, Italian Institute for Privacy and Data Valorisation, AI Law Tech Institute, SGS, and CNPD to explore the evolving frameworks for AI liability and the role of certification in building respons...

Cyber threats are evolving at an unprecedented pace, which makes AI and machine learning essential tools in the fight against cybercrime, by enabling faster threat detection, automated responses, and predictive defense strategies. However, with these advancements come new challenges. The panel of this session will explore the future of AI-driven defense and what it means for privacy, security, and resilience.  

The International Cooperation track serves as platform for exchanging ideas, building meaningful partnerships, and exploring innovative solutions beyond borders and across various disciplines. This session opens with an insightful discussion featuring an esteemed panel of high-level speakers and experts, such as the Secretary General of the Inter Parliamentary Union, Chairman of the GPA, members of the GDPD and EDPB, and European...

The session will begin with the presentation of research work on the evaluation of the benefits of compliance (combining costs, returns, gains of compliance analysis). The objective will be then to discuss on the KPIs that can be used to measure the positive returns of compliance by incorporating the perspectives of stakeholders who advocate, monitor, implement, control, or finance compliance actions. 

With evolving regulations and shifting privacy frameworks, how can businesses and privacy professionals navigate the global advancements of cross-border data transfers? This insightful session will explore the latest developments on a global scale, in addition to the latest trends and practical strategies for ensuring compliance. The panel includes high-level professionals from DG Justice, Information Commissioner’s Office, European Digital Right...

In this thought-provoking session, the panel will dive into the intriguing world of neuro privacy. As breakthroughs in neuroscience offer unprecedented insights into the human brain, important ethical questions arise regarding the collection, use, and potential misuse of neural data. The speakers will explore the intersection between neuroscience, privacy, and fundamental human rights, while focusing on the emerging challenges and potential solut...

While regulators worldwide are fighting the same battles, too often they’re doing it in isolation. This session brings together industry experts and distinguished officials from EDPS, Dutch Data Protection Authority, Office of the Privacy Commissioner of Canada, and US Department of Justice. Attendees will learn about the real challenges of cross-border privacy enforcement and explore the ways in which regulators can work together to turn fragmen...

The financial sector thrives on data. This is true for every transaction, risk assessment, and customer interaction, which should ensure seamless flow of information. However, financial establishments must ensure trust while enabling efficient and ethical data sharing. This session will focus on the complexities of financial data governance, exploring solutions for secure and compliant data management.  

This panel will discuss emergent technologies that may reduce AI risks and possible regulatory responses to such technology. 

The role of data regulations in enabling economic growth is currently a topic of intense interest in many parts of the world. Attendees of this enriching session will hear discussions on the nature and design of data regulations, and balances to be struck, including the extent to which regulators seek to enable good outcomes as well as prevent bad ones.  Key questions 

When it comes to the relationship between privacy and antitrust, we’re entering a complex zone. On one side, we have the protection of personal data. On the other side, there are market forces where monopolistic practices and anti-competitive behavior can harm consumers and stifle innovation. This session will explore how privacy and antitrust law collide, challenge each other, and sometimes even work together to p...

There is a lack of consensus among governments about what it means to be trusted and how to determine what constitutes a trusted cloud service provider in the context of data protection and cybersecurity. Without a common framework and criteria to assess trustworthiness, there will continue to be a lack of trust in data flows, hindering innovation and growth in today’s data-driven economy. This panel will discuss the development of a criteria-bas...

From GDPR to emerging AI regulations, organizations must navigate complex frameworks while ensuring seamless data flows across borders. This session will bring together experts to discuss practical strategies for overcoming regulatory conflicts, enabling responsible data practices, and fostering global cooperation. Key questions 

It is people, not laws, that drive privacy. What about privacy makes it universal across the world and throughout history? How do non-Western societies demonstrate how individuals, communities and civilizations instinctively cherish privacy? How did the Ancient Romans solve universal and timeless privacy problems around maintaining and verifying identity? In this session of the “Philosophy of Privacy” stream, hear ...

The internet evolved into a global platform for open and free communication, supporting critical human rights and freedom of expression. However, this very foundation of openness raises questions of security and privacy. In this session, professionals and experts of the industry will come together to explore how internet governance intersects with the need for security, the protection of fundamental rights, and the risks associated with censorshi...

Convention 108+, the ‘modernised’ version of the Council of Europe’s data protection treaty, is positioned to play a key role in shaping global data governance and privacy regulations for years to come. This treaty aims to create a more solid framework for data protection to keep pace with the digital world, and to extend beyond Europe’s borders. The esteemed speakers of this panel will present Convention 108+ in the context of striking a balance...

Personal data defines identity. However, in a world where surveillance is invisible, data is power, and sharing is an everyday activity, does true privacy still exist? And if we lose it, do we also lose something essential about ourselves? This session will bring together experts to explore the philosophical and practical implications around the nature of privacy and what it truly means for our digital selves, fund...

As cases regarding restrictions on freedom of expression seem to intensify, the question of democracy and exposure to opposing opinions rises to the forefront. Attendees at this session will hear perspectives from representatives of fundamental rights agencies and Council of Europe as well as officials from the US Department of Justice and UN Human Rights Council. The panel will provide a full picture of how we can address restrictions on freedom...

This panel will explore emerging Data Security and Privacy Risks with respect to Data Portability and potential Privacy tradeoffs in the EU’s Digital Package.  The panel will address whether more guidance or clarification is needed for such intersecting obligations and how Privacy protection is to be balanced with other rights and legal obligations.  

This session promises to dive deep into the real-world impact of data anonymization and synthetic data, exploring how these techniques are being used to protect privacy in different industries. Experts of the panel will break down the myths and realities of these privacy-enhancing technologies, tackling their benefits, limitations, and regulatory challenges head-on. Key questions&nbsp...

Are privacy and defense opposing forces, where one focuses on protecting individual freedoms while the other focuses on protecting national security? In this session, the panel will explore the delicate balance between data protection and defense interests, navigating the common ground where security concerns meet privacy rights, in addition to presenting real-world cases.  Key quest...

Aiming to balance a safe and competitive digital space with the right of free expression, the interplay of these two Acts forms a critical discussion when considering the place of freedom of expression in the broader topic of privacy and data regulation. Hearing from representatives from the European Commission and legal experts, attendees of this session will gain an insight into the interplay of the Acts and how they currently sit in relation t...

Join us for a real discussion on the future of national security in a way that respects the rights that make us who we are. The esteemed speakers of this session will provide a deeper understanding of how governments balance security measures with the protection of civil liberties. They will present their perspectives on how governments take or should take action to prevent harm without overstepping boundaries, and how technology both aids and co...

During this workshop our presenters will each highlight some of the policy recommendations co-created by a group of experts with UNICEF about data governance for EdTech used in schools as part of the UNICEF data governance for children project. We will then divide the participants into groups to provide feedback on the recommendations for the different stakeholders ...

The panel of this session will investigate the growing debate around social media platforms placing, or not placing, restrictions on what can be posted online. Attendees will gain an insight into how these restrictions impact both individual users of the platforms and wider society through the perspectives of individual creatives and stakeholders. Key questions 

With international data transfers under increasing regulatory and judicial scrutiny, organizations must adapt to evolving compliance challenges. From the European General Court’s ruling in Bindl v Commission to ongoing discussions around the EU-US Data Privacy Framework, the need for redundancy in GDPR transfer tools to avoid overreliance on a single transfer mechanism is crucial. This panel will explore key legal developments, risks, and ...

With countries adopting their own unique approaches to data protection and compliance, organizations are left to navigate a maze of regulatory frameworks. The distinguished panel of this session is composed of high-level professionals and officials, from Timelex, EDPS, Digital Regulation Cooperation Forum, the Indian Ministry and many more. Together, they will explore how to address global data regulations while ensuring privacy and compliance. T...

The right to transparent, free, unbiased and pluralistic information is a pillar in democratic societies, allowing citizens to think critically and challenge their own perspectives before making decisions and judgements. With insights from academics and practitioners, this panel promises to be an interesting debate at the intersection of freedom of expression, democracy and data regulation.  

Imagine this: A multinational company grappling with an unexpected ransomware attack. Stakeholders are on edge, the clock is ticking, and swift decisions are paramount. This isn’t just a test of your expertise, but also a measure of how well you can handle pressure, make crucial decisions with your team, and lead during chaos.  This two times award finalist service (Finnish Comm...

Explore the critical issues shaping HR data privacy in the age of AI. This panel of government and legal experts will address the complexities of cross-border data flows, emerging compliance requirements, and the implications of AI for human resources data. Discover strategies for fostering international cooperation and ensuring robust employee data protection in a rapidly evolving regulatory landscape. 

Focusing on the legal situation of freedom of expression regarding data regulation, this panel session welcomes high-level practitioners and academics of the field. Referring to specific pillars of law, this debate promises to clearly outline the place of freedom of expression in the current legal climate.  Key questions 

Age assurance is a growing requirement for online safety, but one that comes with clear interdependencies with data protection. Requirements for highly effective age assurance have to be considered alongside data minimisation requirements under the GDPR. The limitations of working in silos must be overcome, and one way of doing so is via a multistakeholder dialogue that brings data protection regulators, safety regulators, academics, companies an...

This session will bring together a distinguished panel of professionals from Kenya, Senegal and Nigeria to share their perspectives on the obstacles and opportunities of data regulations in Africa, unpacking the complexities of compliance, enforcement and the digital market. If you are navigating privacy and data laws in Africa, this is a conversation you cannot afford to miss.  Key ...

The intersection of freedom of expression and religious beliefs is perhaps one of the most well-known and publicized topics in the last two decades. Addressing an incredibly important and topical issue, attendees will hear how the panelists perceive and have challenged the line between freedom of expression and restriction, from their own experience.  Key questions 

Growing up in the digital age means that children are exposed to data collection before they even learn to read. This insightful session explores ways in which a safer online space can be created for the next generations, and how to enforce meaningful protection, while balancing innovation with responsibility and empowering young users to navigate the internet safely.  Key questions

Imagine this: A multinational company grappling with an unexpected ransomware attack. Stakeholders are on edge, the clock is ticking, and swift decisions are paramount. This isn’t just a test of your expertise, but also a measure of how well you can handle pressure, make crucial decisions with your team, and lead during chaos.  This two times award finalist service (Finnish Comms Awards...

The Universal Declaration of Human Rights (UDHR) stands as a foundational document that seeks to protect both our dignity and freedoms. But how does Article 30, which sets boundaries on rights, interact with the rights we hold dear in the digital age? In this session, the panel will present the complex relationship between freedom of expression, data protection, and the human rights framework, with a focus on Article 30 of the UDHR and the Eleano...

This expert panel will delve into the multifaceted challenges surrounding cybersecurity and privacy incident management, as well as personal data breaches within the European regulatory landscape. With contributions from industry leaders, privacy professionals, and regulators, the discussion will highlight the interplay between key regulations such as the GDPR and the NIS 2 Directive, emphasizing their evolution in the context of AI systems and m...

Medical data is one of the most sensitive types of information, yet it is also the foundation of groundbreaking research, diagnostics, and personalized treatments. Consequently, healthcare providers, researchers, and tech companies must navigate an increasingly complex web of regulations without slowing progress. Join the panel of this unique session as it unpacks the evolving landscape of medical data regulatory compliance and data governance.&n...

In an era marked by the transformative potential of Generative AI and emerging Advanced General Intelligence (AGI), law enforcement and national security agencies face both unprecedented challenges and opportunities and have critical responsibilities. This panel will explore how governments can deploy these powerful AI tools without undermining privacy, data protection, and human rights. We will examine the interplay between evolving regulatory expectations, geopoli...

In pursuit of medical breakthroughs, data is considered a goldmine. At the same time, accessing medical data should not come at the expense of crossing legal and ethical lines. This session will tackle one of the most important issues in medical research today: the lawful use of patient data for secondary purposes like advancing scientific discovery and healthcare innovation. The distinguished panel of this session will explore the complex questi...

Il ruolo del DPO sta evolvendo con le nuove tecnologie e normative, affrontando sfide legate alla governance e alla protezione dei diritti. L'incontro esplorerà l'evoluzione del ruolo, la relazione con il vertice aziendale e l'importanza del monitoraggio continuo anche in relazione al bilanciamento degli interessi in gioco.  Gli obiettivi sarebbero dunque- Evoluzione del ruolo del DPO: Indagare come il ruolo del DPO si stia adattando alle nuove tecnologie e alle sfide digit...

Deep dive into the practical sides of data protection certification, exploring how it can be a true motivation for operational efficiency. From the challenges that organizations face when pursuing certification to the real-world impact on data security, professionals of the industry will discuss how certification can move beyond compliance and become a strategic asset. Whether you’re looking to get certified or you’re curious about what goes behi...

Valutare l’eventuale gap tra le aspettative con cui il Codice di Condotta è nato e la realtà applicativa ad un anno dalla sua approvazione.Fare emergere gli eventuali impatti eccessivamente onerosi a carico delle imprese aderenti o di quelle che vogliono comunque conformarsi al Codice di Condotta.Discutere di eventuali spunti di miglioramento delle regole del Codice e della sua interazione con le altre iniziative di contrasto al telemarketing illegale.

If you are interested in how to turn the principle of privacy into marketing practices that not only comply with the law but also resonate with the audience, then this session is for you. The panel will explore how to build privacy-first marketing strategies that respect consumer data while still driving engagement and delivering results.  Key questions 

Patients trust healthcare providers with their most sensitive data, but are their rights truly being upheld in practice? From the right to access medical records to the challenge of data portability and consent management, ensuring compliance becomes not only a legal requirement but also an ethical responsibility. This session tackles the real-world struggles of ensuring data subjects’ rights in the healthcare system and explores practical soluti...

The European Data Protection Seal is a golden standard for demonstrating compliance, helping organizations navigate the complex world of GDPR. With Europrivacy officially recognized as a European Data Protection Seal, certification is no longer a theoretical idea but a tangible reality. In this engaging session, the distinguished panel of speakers will explore the impact of certifications, the lessons learned from ...

This session will take a deep dive into the evolving process of assessing AI’s impact on fundamental rights, transitioning from traditional Data Protection Impact Assessments (DPIA) to the Fundamental Rights Impact Assessment (FRAIA). The speakers will explore how to practically apply these assessments in AI development and deployment, ensuring that privacy and human rights remain at the forefront. 

The panel seeks to provide a holistic perspective on the legitimate pursuit of own business purposes for data holders like large-scale (cloud) service providers and other processors with a focus on GDPR and also reflecting on the UK and US point of view. The discussion would cover the differentiation between the controlle...

This session will cover the legal implications and real-world use cases of anonymization, pseudonymization, and synthetic data. From enabling secure data sharing for research and ensuring compliance in clinical trials, the panel will dive into how some techniques can help meet privacy requirements while still fostering scientific progress.  Key questions 

Data protection certifications are now a powerful tool that can define your brand’s commitment to privacy. But as privacy laws evolve at lightning speed, certifications are evolving too. In this session, we will explore the latest developments in international data protection certifications and uncover what’s next for organizations looking to prove their credentials. 

Digital health is reshaping the way patient care is approached. This offers exciting new opportunities for personalized medicine, real-time health monitoring, and remote care, which makes healthcare more accessible and efficient. With all these advancements, however, comes great challenges. This session will explore the incredible potential of digital health, its impact on patient care, and the obstacles and opportunities it presents.  ...

Distinguished speakers will come together in this session to explore how data protection standards can be harmonized across regions, as the need for convergence and interoperability is more urgent than ever. They will dive into the obstacles and opportunities of creating a truly interconnected certification landscape. ...

Under European law, a Transfer Impact Assessment is required when transferring personal data to third countries that are not recognized as having adequate data protection standards. It is the responsibility of the data controller to conduct the Assessment, ensuring among other factors that they evaluate the legal framework of the recipient country. This session will provide practical, hands-on guidance on how to effectively carry out a Transfer I...

This intriguing session delves into the heart of sustainable digital transformation, exploring how we can harmonize technology with the urgent need for a greener, more sustainable future. Join experts and leaders of the industry as they discuss the crucial role that digital tools, infrastructure, and strategies can play in driving sustainability, reducing carbon footprints, and building a world where technology and nature coexist in balance.&nbsp...

This unique session explores the evolving responsibilities of DPOs in the field of AI governance, focusing on the challenges, ethical dilemmas, and opportunities that come with overseeing AI systems that may impact personal data. Join the panel for a forward-thinking discussion about how DPOs can steer the future of AI governance while staying true to their core mission of data protection.  

Synthetic data is considered a privacy-preserving solution for sharing and analyzing sensitive datasets, but how much privacy does it really offer? Can we measure it? This session will dive deep into the world of structured synthetic data, unraveling its promises and limitations, as well as explore techniques for quantifying privacy protection Key questions 

As law enforcement agencies engage in more complex and sophisticated cross-border data exchanges, the role of Data Protection Officers (DPOs) serving in law enforcement has never been more critical. With evolving technologies, increased international cooperation, and stricter regulatory requirements, DPOs must navigate the fine line between effective policing and data protection compliance, not just within their own jurisdictions, but beyond nati...

Imagine a future in which medical research, innovation, and patient care seamlessly benefit from secure data sharing across Europe. European Health Data Spaces are designed to make this vision a reality, but how do they work in practice? This session goes beyond policy and legal frameworks to explore the real-world implementation of European Health Data Spaces and what they mean for future healthcare innovation.