Program 2016

8.15 – 8.45

Registration and welcome coffee

8.45 – 9.00

Opening remarks from Euroforum and the conference chair

Bojana Bellamyflagge-eng Bojana Bellamy
President, Centre for Information Policy Leadership
Hunton & Williams, UK

9.00 – 9.20 KEYNOTE

Enduring values and sustainable solutions: The GDPR as a catalyst for individual digital rights across the globe

Giovanni Buttarelli flagge-eu Giovanni Buttarelli
European Data Protection Supervisor

9.20 – 9.40 KEYNOTE

Julie Brill Data Protection EDPD flagge-usa Julie Brill
Federal Trade Commission, USA

9.40 – 10.00 KEYNOTE

Data Protection in a Smart Nation

Leong Keng Thai flagge-singapur Leong Keng Thai
Personal Data Protection Commission, Singapore

10.00 – 10.30 DISCUSSION

Chances, challenges and the latest developments in international data protection

Julie Brill Data Protection EDPD Giovanni Buttarelli

Helen Dixon Leong Keng Thai

Julie Brill, USA
Giovanni Buttarelli, European Data Protection Supervisor
Helen Dixon, Data Protection Commissioner, Ireland
Leong Keng Thai, Singapore

10.30 – 11.00

Coffee break

11.00 – 11.20 KEYNOTE

Isabelle Falque Pierrotinflagge-fr Isabelle Falque-Pierrotin
Chairwoman of CNIL (France) and
Chairwoman of Article 29 Working Party

11.20 – 11.40

Data protection – landscape and challenges

  • The vast changes in the digital landscape since the establishment of the Irish DPO
  • Data protection law, both nationally and across the EU
  • The three strands to the work of the Irish Data Protection Office: Supervision, consultation and coope ration with reference to the various stake holders
  • The impact of the General Data Protection Regulation, and accompanying law enforcement directive and the anticipated harmonized environment

Helen Dixon flagge-irland Helen Dixon
Data Protection Commissioner, Ireland

11.40 – 12.00

The General Data Protection Regulation – a building block for the digital continent

  • From the idea to the proposal: increasing users’ control of their data and cutting costs for businesses
  • How to pass a complex legal text in the EU: negotiating in the institutional triangle
  • Effect of EU data laws on international agreements
  • What’s next: how to build a true digital single market?

Viviane Reding flagge-eu Dr Viviane Reding
Former Vice-President of the European Commission
Member of the European Parliament

12.00 – 12.20

The new data protection regulation – a global gold standard made in Europe

Jan Philipp Albrecht flagge-eu Jan Philipp Albrecht
Member of the European Parliament

12.20 – 13.00 DISCUSSION

Transparency and user control under the new data protection regulation

Jan Philipp Albrecht Manuela Siano Axel Voss Dr. Ulrich Wuermeling

Jan Philipp Albrecht
Manuela Siano, Official at Service for EU and International Matters of the Italian Data Protection Authority
Axel Voss, Member of the European Parliament
Dr Ulrich Wuermeling LL.M., Visiting Professor, Queen Mary University of London, Partner, Latham & Watkins, Germany

13.00 – 14.20


14.20 – 14.40

The day after – Binding Corporate Rules & external auditing

  • Why is the implementation of BCRs audited?
  • What are the specifics of an audit by data protection authorities?
  • Which are the different audit phases and relevant preparatory measures?
  • Dos and Don’ts – some experiences

Gabriela Krader edpd edpd15 flagge-eng Gabriela Krader LL.M.
Corporate Data Protection Officer
Deutsche Post DHL, Germany

14.50 – 15.00

How global companies need to adapt their privacy and data protection programs in order to meet the chances and challenges of a changing data landscape

Joann Stonier flagge-usa Joann Stonier
Chief Information Governance & Privacy Officer
Mastercard, USA

15.00 – 15.20

Privacy challenges inemergingtechnologies

Peter Fleischer flagge-fr Peter Fleischer
Global Privacy Counsel
Google Inc., France

15.20 – 16.00
Q&A with the speakers Q&A with the speakers
global data transfers +++ BCRs +++ building privacy bridges …
16.00 – 16.30

Coffee break

16.30 – 16.50

Accountability: building trust and credibility for businesses, citizens and regulators

  • Accountable privacy management: What it is, what it is not 
  • Stating the business case for investing in accountable privacy management
  • New developments in accountability in Canada: laws, policy and enforcement
  • Accountability in Europe under the new data protection directive
  • What’s next in the global dialogue on accountability

Elisabeth Denham flagge-kanada Elizabeth Denham
Information and Privacy Commissioner for British Columbia, Canada

16.50 – 17.20 DISCUSSION

Accountability: the interplay between privacy, compliance and CSR

Elisabeth Denham micas Zoe Strickland

Elizabeth Denham, Canada
Laura Juanes Micas, Assistant General Counsel, International Privacy & Human Rights, Yahoo! Inc., USA
Zoe Strickland, Managing Director, Global Chief Privacy Officer, JPMorgan Chase & Co., USA


Departure for evening event


bundestagAt the evening event of the first EDPD conference day we cordially invite you to a guided tour of the German Bundestag at the Reichstag Building and a typical Berlin dinner with “Currywurst” afterwards.


8.30 – 9.00

Registration and welcome coffee

9.00 – 9.10

Opening remarks from Euroforum and the conference chair

Dr. Ulrich Wuermeling flagge-eng Dr Ulrich Wuermeling LL.M.
Visiting Professor, Queen Mary University of London, Partner
Latham & Watkins, Germany

9.10 – 9.30 KEYNOTE

Ted Dean flagge-usa Ted Dean
Deputy Assistant Secretary for Services
U.S. Department of Commerce, USA

9.30 – 9.50

One-stop-shop from a company’s perspective

Dr. Jyn Schultze-Melling LL.M. flagge-irland Dr Jyn Schultze-Melling LL.M.
Director for European privacy policy
Facebook Ireland Ltd.

9.50 – 10.10

Clouds of things

  • Concepts and compliance challenges
  • Security – policy and legal issues
  • Legal relationships and responsibilities
  • Personal data in clouds of things
  • Managing compliance with legal obligations

Christopher Millard flagge-eng Christopher Millard
Professor of Privacy and Information Law
Centre for Commercial Law Studies, Queen Mary University of London, UK

10.10 – 10.30

Cloud-based personalized services: are there some EU tools to demonstrate accountability?

  • Trend to more personalization in digital services challenges principle of data minimization and purpose limitation
  • Microsoft‘s way to comply with EU rules (directive & GDPR)
  • Field report and an important arising question: Are EU data protection rules ready to provide valid EU regulatory tools to demonstrate accountability?

Marie Charlotte Roques-Bonnetflagge-fr Marie Charlotte Roques-Bonnet
Director of EMEA Privacy Policy
Microsoft, France

10.30 – 10.50

Designing mobile apps with privacy in mind

  • Taking on the mobile eco systems from the European privacy perspective
  • User friendly notification and consent strategies
  • Mastering the challenges introduced by third party SDKs and components

Simon Hania flagge-holland Simon Hania
Vice President Privacy & Security
TomTom, The Netherlands

10.50 – 11.20

Coffee break

11.20 – 11.40

Reducing the identifiability of data in online advertising and measurement to strengthen consumer privacy

  • Online advertising and measurement
  • Identifiability of data and its relationship to personal privacy
  • De-identification, pseudonymization

Benjamin Hayes flagge-usa Benjamin Hayes
Chief Privacy Officer
Nielsen, USA

11.40 – 12.00

Data relationships in B2B

  • Data processor and data controller roles in the context of B2B transactions
  • B2B transactions, especially in highly regulated industries and questions about end users

Kasey Chappelleflagge-eng Kasey Chappelle
Global Privacy Officer and Director of Commercial Compliance
American Express Global Business Travel, UK

12.00 – 12.30 DISCUSSION

Controller versus processor

Kasey Chappelle Uwe W Fiedler Florian Thoma

Kasey Chappelle, UK
Uwe Fiedler, Chief Privacy Officer, Parexel International, Germany
Florian Thoma, Senior Director Data Privacy, Accenture GmbH, Germany

12.30 – 12.50

Operationalizing Privacy by Design in a connected world

  • The value of the Internet of Things
  • The human side of Big Data
  • Key components and key functional deliverables of Privacy by Design
  • Current regulatory landscape

pouliou flagge-eng Anna Pouliou
Executive, Lead Attorney for European Privacy & Data Protection
GE Corporate, Belgium

12.50 – 13.10

Telefónica’s approach to Big Data: a telco in a digital world

  • Big Data in the telecom environment
  • Privacy rules at the crossroad between telcos and OTTs
  • How to build a Big Data business while remaining fully compliant with your customer´s privacy expectation
  • Trust as the key element to build a sustainable Big Data busines

fratta flagge-spanien Stefano Fratta
Legal Director forConsumer
Fintech and Big Data, Telefónica CCDO, Spain

13.10 – 13.40 DISCUSSION

The challenge of Big Data for data protection: how to enable responsible use of Big Data

Belinda Doshi fratta Christina Peters

Belinda Doshi, Chief Privacy Officer and Associate General Counsel, Pearson Group, UK
Stefano Fratta, Spain
Christina Peters, Chief Privacy Officer, IBM Corporation, USA

13.40 – 14.40



Choose your individual subject!


Dr. Ulrich WuermelingCHAIR:
Dr Ulrich Wuermeling LL.M.

14.40 – 15.00

The implementation of the GDPR in an international company illustrated by the example of eBay

  • Outline of eBay global data protection strategy
  • eBay´s implementation of the new General Data Protection Regulation
  • Pros and cons under the new regime for a global entity
  • Practical solutions

Dr. Anna Zeiter flagge bussche flagge-eng

Dr Anna Zeiter LL.M. (Stanford), Head of Data Protection EMEA, eBay International AG, Switzerland
Dr Axel Freiherr von dem Bussche LL.M., Partner, Taylor Wessing, Germany

15.00 – 15.20

Protection and disclosure: the challenges the GDPR presents to the insurance industry

  • GDPR is introducing some new data protection concepts and rules
  • Under the GDPR individuals have more rights and more control over their data
  • The GDPR is going to make the cost of getting it wrong extremely high
  • Insurers need to prepare now for the new legal reality they will need to operate under

Orrie Dinstein flagge-usa Nicola Hughes flagge-eng

Orrie Dinstein, Global Privacy Leader, Marsh & McLennan Companies Inc., USA
Nicola Hughes, Legal Counsel, Marsh EMEA, UK

15.20 – 15.40

ISO 27018: a legal vacuum filled by technical standards – the possibilities and dangers of over lapping technical standards and legal requirements for cloud service

  • The scope and requirements of ISO 27018
  • ISO 27018 in the context of the ISO 27k family
  • The value of certifying
  • The message a certification sends

hoffman flagge-eng Sára Hoffman
Associate, Privacy and Data Protection Practice
Wilson Sonsini Goodrich & Rosati LLP, Belgium

15.40 – 16.10

Coffee break

16.10 – 16.30

Demonstrating compliance

  • Implementing a privacy management program
  • Accountability approach to compliance
  • Preparing for future requirements
  • Demonstrating compliance to DPAs, management, and other stakeholders stakeholders

Lauren Reid flagge-eng Lauren Reid
Director of EU Privacy Solutions
Nymity, UK

16.30 – 16.50

Connected Cars – hit the road, privacy?

  • Who ownes the data? Who may useit? Car owner, driver, OEM, provider, insurer?
  • All in one: Big Data, cloud, IoT, mobile apps, geolocation & profiling – connected cars have it all
  • How to transport the usual requirements (transparency, purpose limitation, data deletion etc.) into cars
  • Hacking: when data security turns into physical security
  • Impact of the new regulation

boardman flagge-eng niemann flagge-eng

Ruth Boardman, Co-Head of Bird & Bird‘s International Data Protection Practice, Bird & Bird, UK
Dr Fabian Niemann, Partner, Bird & Bird, Germany

16.50 – 17.10

Preparing for the GDPR: What you need to do, when you need to do it

  • Overview of the key impacts that the GDPR will have on businesses that process personal data
  • What does the GDPR mean for international data controllers and processors and what can businesses do to prepare for the new rules
  • Key issues that need to be considered in the context of the GDPR

bowman flagge-eng Robert Grosvenor flagge-eng

John Bowman, Senior Principal, Promontory Financial Group (UK) Ltd
Robert Grosvenor, Director, Privacy & Data Protection Practice, Promontory Financial Group (UK) Ltd

17.10 – 17.30

Global frameworks and local laws – assessing privacy risk in an evolving world

  • How 2015 saw global frameworks fall, and 2016 sees new ones replace them
  • How organisations operate and transfer data globally
  • How companies operate globally when the law is localised
  • How companies face a choice of global frameworks – which to use?

Ralph O’Brien flagge-eng Ralph O’Brien
Principal Consultant

Final discussion, Q&A Final discussion, Q&A


Bojana BellamyCHAIR:
Bojana Bellamy

14.40 – 15.00

The role of DPOs in the new GDP

Philippe Renaudière flagge-eu Philippe Renaudière
Data Protection Officer
European Commission

15.00 – 15.20

Reflections on governance: insights from a dual CPO-CCO

  • Driving organizational accountability and governance
  • Creating efficiencies through alignment between the common elements of an accountable privacy program and an effective ethics and compliance program
  • Leveraging ethics as a basis for navigating ambiguity in legal and regulatory requirements
  • Demonstrating corporate responsibility for data protection compliance
  • Managing complementary versus conflicting data protection and compliance goals

Hilary M. Wandall flagge-usa Hilary M. Wandall
Associate Vice President, Compliance & Chief Privacy Officer
Merck & Co. Inc., USA

15.20 – 15.40

Privacy in Latin America – an overview

  • Privacy in the emerging market Latin America
  • Most relevant and recent privacy legislative and regulatory trends in Latin America

micas flagge-usa Laura Juanes Micas
Assistant General Counsel
International Privacy & Human Rights, Yahoo! Inc., USA

15.40 – 16.10

Coffee break

16.10 – 16.30

Data privacy law in the Asean Economic Community – the dawn of a new age

  • What is the Asean Economic Community (AEC) and its implications for the 10 member Asian countries
  • Developments with respect to privacy laws in AEC countries
  • The significance of privacy laws in the AEC on European organisations

Steve Tan flagge-singapur Steve Tan
Partner, Deputy Head (Technology, Media, Telecommunications)
Rajah & Tann Singapore LLP, Singapore

16.30 – 16.50

Appropriately address your data-related concerns in China

  • Strengthening of state secret enforcement
  • Personal information
  • Data privacy
  • Cope with authorities
  • Cross-border transition
  • Data security

Leon C.G. Liu flagge-china Leon C.G. Liu
Partner, Attorney at Law
MWE China Law Offices, China

16.50 – 17.10

New Russian laws on data localization

  • What do the new rules to the Russian DP legislation imply?
  • Which types of processing are prohibited?
  • Are there any exceptions to the new rules?
  • Do the new rules apply to foreign entities or websites?
  • Are back-up copies abroad allowed?
  • Do the new rules have retroactive effect?
  • What are the consequences of violation of the new rules?

Ksenia Koroleva flagge-russland Ksenia Koroleva
Lawyer, Latham & Watkins LLP
Moscow, Russia

17.10 – 17.30

EU-U.S. Privacy Shield:

  • Background and status update
  • Differences with Safe Harbor
  • Usefulness of the new program
  • Practical tips for companies
  • What’s next?

Laura De Boel flagge-eng Laura De Boel
Senior associate, Privacy and Data Protection Practice
Avocat/Advocaat, Member of the Brussels Bar
Wilson Sonsini Goodrich & Rosati, LLP

Final discussion, Q&A Final discussion, Q&A
 Cinema & Networking Evening 

Meet your colleagues from Germany: At the evening of the second EDPD conference day – at the same time as the pre-event for the German “Datenschutzkongress” – we will show the film DEMOCRACY to the delegates in the Pullman hotel. The director David Bernet offers a remarkable insight into the legislative process and negotiations on the General Data Protection Regulation in the EU. The main protagonists are Jan Philipp Albrecht and Dr Viviane Reding, who are also speakers at the EDPD conference. The film will be shown with English subtitles.