Alain Herrmann
Alain Herrmann has been a key figure at Luxembourg's Data Protection Authority, the Commission Nationale pour la Protection des Données (CNPD), since 2012.
In September 2021, he was appointed Commissioner. In this role, he leads the activities of the Investigations Department and the Compliance Department, overseeing certifications, codes of conduct, international transfers, EU large scale information systems audits, artificial intelligence, innovation, and digital tools.
Alain possesses an excellent understanding of the national, European, and international data protection ecosystems.
Prior to his tenure at the CNPD, he held several IT and information security-related positions in the private sector. He holds a Master's degree in Information Systems Security Management from the University of Luxembourg.
Sessions in which Alain Herrmann participates
jueves 20 junio, 2019
martes 5 abril, 2022
jueves 7 abril, 2022
Session in English interpreted into Italian / Sessione in inglese con la traduzione in italianoTwo years into the COVID-19 pandemic, we have reached an appropriate standpoint during which to reflect on the lessons we have learnt so far. On a pan-European level, we witnessed the introduction of parallel measures such as legislative proposals, states of emergency, passenger locator forms, contact tracing applicat...
miércoles 19 abril, 2023
jueves 20 abril, 2023
Session to introduce practitioners to GDPR certification, what is it why would you get it, how to get it?
viernes 21 abril, 2023
lunes 10 junio, 2024
Introduction The constant and rapid evolution of the digital landscape directly influences the roles and responsibilities of professionals tasked with safeguarding data privacy and ensuring regulatory compliance. This is especially highlighted by recent EU legislations, such as the Digital Services Act, Digital Markets Act, Data Act, Data Governance Act, together with European Data Sp...
miércoles 12 junio, 2024
Introduction The number of compliance regulatory frameworks is getting higher and higher, which can often feel like navigating a maze of rules and requirements. However, compliance sandboxes offer opportunities for innovation to stay ahead of the curve. This session explains the concept of compliance sandboxes, which is a controlled environment where regulators and industry experts co...
jueves 13 junio, 2024
Introduction From the GDPR to the ePrivacy Directive and beyond, Europe has established a comprehensive regulatory framework for data processing, some of which have their own implementation scheme with dedicated bodies. This session will discuss data regulations interplay and oversight in practice. Key questions and objectives...
Introduction The panel of this session will examine the significance of cross-border accountability in the field of data processing, in order to ensure accountability and demonstrate compliance with data protection regulations. The speakers will discuss and compare available mechanisms, practices, and regulatory frameworks for enhancing transparency in these activities.
viernes 14 junio, 2024
Introduction Following last year's discussion, this session will discuss and explore the possibility to support convergence and interoperability in the field of data protection certification between three major international data protection normative frameworks: Convention 108+ of the Council of Europe, the EU GDPR, and the Global CBPR Forum. It will also explore and discuss different...
lunes 12 mayo, 2025
AI systems are becoming more integrated into critical decision-making processes, which makes questions of liability and accountability more pressing than ever. If an AI-based decision goes wrong, who is responsible? This session will unite experts from Meta, Italian Institute for Privacy and Data Valorisation, AI Law Tech Institute, SGS, and CNPD to explore the evolving frameworks for AI liability and the role of certification in building respons...
martes 13 mayo, 2025
jueves 15 mayo, 2025
Distinguished speakers will come together in this session to explore how data protection standards can be harmonized across regions, as the need for convergence and interoperability is more urgent than ever. They will dive into the obstacles and opportunities of creating a truly interconnected certification landscape. ...
Sessions in which Alain Herrmann attends
miércoles 19 abril, 2023
jueves 20 abril, 2023
viernes 21 abril, 2023
lunes 10 junio, 2024
Introduction In democratic societies, the protection of individuals’ privacy is closely connected to the preservation of civil liberties, which in turn highlights the essential role that privacy rights play in sustaining democratic principles and fostering civic engagement. This enriching session will focus on the multifaceted ways in which privacy and democracy intersect, shaping the...
The foundation of GDPR compliance lies in clearly defined legal bases for the processing of personal data. While the appropriate application of Article 6 and 9 of the GDPR to standard processing activities is sometimes already difficult, these challenges vastly increase when applied to AI training. The complex data processing activities involved therein, as well as the concrete personal data that is collected and used, turn GDPR-com...
Introduction The revised Convention 108 of the Council of Europe is being ratified by a growing number of countries. It will soon reach the required threshold to trigger the entry into force of the convention, as well as bring a paradigm shift in the landscape of global data governance. This session will discuss the key implications of this treaty, in addition to its role in shaping t...