Program 2017

8.30 – 9.00

Registration and welcome coffee

9.00 – 9.10

Opening remarks from Euroforum and the conference chair

Bojana Bellamyflagge-eng Bojana Bellamy
President, Centre for Information Policy Leadership
Hunton & Williams, UK

9.10 – 9.30

Hitting the ground running: How regulators and businesses can really put data protection accountability into practice

Giovanni Buttarelli flagge-eu Giovanni Buttarelli
European Data Protection Supervisor

9.30 – 9.50

Observations on the GDPR 2018 from Hong Kong’s perspective

wong flagge-th Prof. Stephen Kai-yi Wong
Privacy Commissioner for Personal Data, Hong Kong

9.50 – 10.10

Atlantic crossings: US/EU data flows

Hugh Stevenson flagge-usaHugh Stevenson
Deputy Director for International Consumer Protection
Federal Trade Commission, USA

10.10 – 10.40

The latest developments in international data protection – one year before the GDPR will apply

Giovanni Buttarelli Isabelle Falque PierrotinHugh Stevenson wong

Giovanni Buttarelli, European Data Protection Supervisor
Isabelle Falque-Pierrotin, Chairwoman of CNIL, Chairwoman of Article 29 Working Party, France
Hugh Stevenson, Deputy Director for International Consumer Protection, Federal Trade Commission, USA
Prof. Stephen Kai-yi Wong, Privacy Commissioner for Personal Data, Hong Kong

10.40 – 11.10

Coffee break

11.10 – 11.30



Isabelle Falque Pierrotinflagge-fr Isabelle Falque-Pierrotin
Chairwoman of CNIL
Chairwoman of Article 29 Working Party, France


11.30 – 11.50

Transitioning towards the GDPR – Challenges and opportunities

Helen Dixon flagge-irland Helen Dixon
Data Protection Commissioner, Ireland

11.50 – 12.10

Privacy Shield

Caitlin Fennessy flagge-usa Caitlin Fennessy
Senior Policy Advisor, Data Flows and Privacy Team
U.S. International Trade Administration, USA

12.10 – 12.40

International Data Transfers: Will Privacy Shield enable global data flows and create legal certainty?

Caitlin FennessyPeter FleischerBruno Gencarelli

ulmer winters

Caitlin Fennessy, Senior Policy Advisor, Data Flows and Privacy Team, U.S. International Trade Administration, USA
Peter Fleischer, Global Privacy Counsel, Google Inc., France
Bruno Gencarelli, Head of Unit International Data Flows and ProtectionEuropean Commission
Dr Claus-Dieter Ulmer, Global Data Privacy Officer, Deutsche Telekom AG, Germany
Alan Winters, Chief Privacy Officer, Deputy Chief Global Compliance, Teleperformance Group, USA

12.40 – 13.00

DPA Developments in the Philippines

Raymund Enriquez Liboro flagge-ph Raymund Enriquez Liboro
Privacy Commissioner and Chairman
National Privacy Commission, Republic of the Philippines

13.00 – 13.20

The scope of EU data protection legislation vs. the scope of the EU fundamental right to data protection – which cases may be dealt with by the Court of Justice?

sobotta flagge-eu Dr Christoph Sobotta
Legal Secretary (Référendaire), Chambers of Advocate General Kokott
Court of Justice of the European Union

13.20 – 14.20


14.20 – 14.40

One year to GDPR: How is Google preparing?

Peter Fleischerflagge-fr Peter Fleischer
Global Privacy Counsel
Google Inc., France

14.40 – 15.00

Challenges in implementing the GDPR in an international company

  • Most relevant implications for B2B companies
  • Practical experiences with a tool-based register of proceedings
  • Ensuring EU-wide compliance: Headquarter versus affiliates

kessler flagge-eng Dr Axel Kessler LL.M.
Head of Legal Data Privacy
Siemens AG, Germany

15.00 – 15.20

Implementation of GDPR in an Airline: Ideas and first experiences in practice

  • Where do we come from as a German based international airline?
  • Main challenges in a changing environment
  • Business specific data protection issues
    • Customer data
    • Data exchange and usage between airlines and authorities
  • How to start and how to proceed with the implementation?

kirchberg flagge-eng Dr Barbara Kirchberg-Lennartz
Global Data Privacy Officer
Deutsche Lufthansa AG, Germany

15.20 – 15.40

Implementation of GDPR in a large multinational organization

Mikko Niva flagge-eng Mikko Niva
Group Privacy Officer and Head of Legal
Vodafone Group Services Limited, UK

15.40 – 16.10

Are businesses “GDPR-ready”?

kesslerkirchberg simberkoff Joann Stonier

Dr Axel Kessler LL.M., Head of Legal Data Privacy, Siemens AG, Germany
Dr Barbara Kirchberg-Lennartz, Global Data Privacy Officer, Deutsche Lufthansa AG, Germany
Dana Louise Simberkoff, Chief Compliance and Risk Officer, AvePoint, USA
Joann Stonier, Chief Information Governance & Privacy Officer, Mastercard, USA

16.10 – 16.40

Coffee break


Choose your individual subject!


Bojana BellamyMODERATOR:
Bojana Bellamy

16.40 – 17.00

Implementation of the GDPR at eBay – Experiences and learnings

  • How to implement the GDPR in a global acting company
  • Planning, communicating, implementing and monitoring the new requirements
  • Managing stakeholders and expectations
  • Experiences, learnings and unsolved questions

Dr. Anna Zeiter flagge Dr Anna Zeiter LL.M. (Stanford)
Head of Data Protection
EMEA, eBay International AG, Switzerland

17.00 – 17.20

The Universality of consent in global data protection

kosseim flagge-kanada Patricia Kosseim
Senior General Counsel and Director
General Legal Services, Policy, Research and Technology
Analysis Branch, Office of the Privacy Commissioner of Canada

17.20 – 17.40

Grappling with the internet of things, disruptive technology and cloud of things in the context of a smart nation initiative

  • Lessons from Singapore’s smart nation initiative in the context of every country’s embracement of disruptive technology and the internet of things
  • Key data protection and data security challenges that each country will face
  • Rationalising with individuals’ growing concerns over privacy and security in this age of ‘data-terrorism’

Steve Tan flagge-singapur Steve Tan
Partner, Deputy Head, Technology, Media & Telecommunications
Rajah & Tann Singapore LLP, Singapore


Marie-Charlotte Roques-Bonnet
Director of EMEA Privacy Policy
Microsoft Emea, France

16.40 – 17.00

The new ePrivacy regulation

  • Relevant for everybody, not just telecoms
  • Regulates websites, browsers and apps around the world
  • Protects B2B and B2C end-users and devices
  • Provides barriers for electronic marketing

boardmanflagge-eng Ruth Boardman
Bird & Bird LLP, UK

17.00 – 17.20

Implementation of the data protection reform and international transfers: the view from the European Commission

  • Implementation of the GDPR
  • Role of the European Commission
  • Privacy Shield and the forthcoming annual review
  • International data transfers and the 10 Jan. 2017 Communication of the European Commission

Bruno Gencarelli flagge-eu Bruno Gencarelli
Head of Unit International Data Flows and Protection, European Commission

17.20 – 17.40

Data protection in Tunisia as a tool for development

  • Constitution
  • Amending the law
  • Creating employment
  • Attracting foreign investment

Héla Ben Miled flagge-tunesien Héla Ben Miled
Judge, Tunisian Administrative Court of Justice
UN Data Privacy Advisory Group, Tunisia

At the end of the first day we cordially invite you to a drink reception.


Departure for the evening event

On the evening of the first EDPD conference day, we cordially invite you to an exciting Trabi Safari. The Trabi (Trabant) was the most common vehicle in Eastern Germany (the former GDR). Experience Berlin‘s famous sights and have a traditional Berlin “Currywurst” after the tour!



8.20 – 8.50

Registration and welcome coffee

8.50 – 9.00

Opening remarks from Euroforum and the conference chair

Bojana Bellamyflagge-eng Bojana Bellamy
President, Centre for Information Policy Leadership
Hunton & Williams, UK

9.00 – 9.20

Digital Disinformation – Fake news and hacking in election campaigns

Dr Ben Scott flagge-usa Dr Ben Scott
Member of the Management Board, Stiftung
Neue Verantwortung and former advisor to Secretary of State Hillary Clinton, USA

9.20 – 9.40

Designing for the GDPR: making it work for data subjects

deadman flagge-eng Stephen Deadman
Global Deputy Chief Privacy Officer

9.40 – 10.00

Worldwide standards in data privacy – digital sovereignty as foundation for a common understanding?

  • Digital responsibility and digital sovereignty – what does that mean?
  • Different regions of the world – different data privacy standards – really?
  • Design thinking – what are the customer´s demands?
  • Let’s have a closer look on legal, technical and organizational issues
  • The minimum overlap – first ideas and first steps

ulmer flagge-eng Dr Claus-Dieter Ulmer
Global Data Privacy Officer
Deutsche Telekom AG, Germany


10.00 – 10.30

Coffee break

10.30 – 10.50

EU Fundamental rights in the cloud

  • Cloud
  • Fundamental rights
  • Data transfers… and data protection!

roques flagge-fr Marie-Charlotte Roques-Bonnet
Director of EMEA, Privacy Policy
Microsoft EMEA, France

10.50 – 11.10

DPIAs and data mapping: operationalising GDPR and privacy by design

  • How to best implement efficient and effective data handling practices in the face of the new GDPR requirements
  • Learn how to use data privacy impact assessments and data maps to document and track new initiatives

barday flagge-eng Kabir Barday
OneTrust, UK

11.10 – 11.30

Big Data and the GDPR: innovative or conservative?

Yann Padova flagge-fr Yann Padova
Commission de Régulation de l’Energie, France

11.30 – 11.50

Big Data – the silver bullet or a threat to a free society?

  • Will the GDPR be enough to control Big Data?
  • What can we learn from other sectors with invasive technologies?

kolompar flagge-holland Amancio Kolompar
Director Privacy Compliance
Liberty Global B.V., The Netherlands

11.50 – 12.20

How to strike a balance between Big Data and data protection?

kolompar Yann Padova polonetsky

Amancio Kolompar, Director Privacy Compliance, Liberty Global B.V., The Netherlands
Yann Padova, Commissaire, Commission de Régulation de l‘Energie, France
Jules Polonetsky, CEO, Future of Privacy Forum, USA

12.20 – 12.40

Biometrics as personal data: detection, characterization and recognition

  • What are the varying permutations of biometric technologies?
  • How are biometrics used by government and industry?
  • What types of biometric results may be considered personal data?
  • How should public policy respond to this new technology?

avilaJonathan Avila
Vice President and Chief Privacy Officer
Wal-Mart Stores, Inc., USA

12.40 – 13.00

Consent and transparency under the GDPR – will it help to build consumer trust?

  • Consumers and privacy – issues of trust
  • What does compliance with the GDPR look like in practical terms? Is this building consumer trust?
  • How can a company be compliant AND trusted by consumers?

Roslyn Vadala flagge Roslyn Vadala
Senior Legal Counsel Data Privacy
Nestlé Group, Switzerland

13.00 – 13.20

A global perspective on multi-jurisdictional investigations

■ How will the strengthened powers of EU DPAs impact the global enforcement landscape?
■ What should companies facing the onslaught of global regulatory investigations think about to best meet these challenges?
■ Learn from experienced attorneys handling worldwide privacy investigations and litigations

burton flagge-eng rubin flagge-usa

Cédric Burton, Partner, Privacy & Data Protection, Wilson Sonsini Goodrich & Rosati, Belgium
Michael Rubin, Partner, Co-Head Privacy & Data Protection, Wilson Sonsini Goodrich & Rosati, USA

13.20 – 14.20



Choose your individual subject!


Dr Martin Braun

14.20 – 14.40

Pseudonymization as a best practice for data protection

  • Pseudonymization as part of a general governance of data
  • A measure supporting data protection by design
  • As measure for further processing of data

orlandi flagge Nicola Orlandi
Head Data Privacy Pharma, Global Privacy Office
Novartis International AG, Switzerland

14.40 – 15.00

The role of the DPO in the GDPR

  • Why should you appoint a DPO?
  • What is the role of the DPO in operationalizing GDPR and the privacy management program?
  • How to implement the WP29 guideline on DPOs?

laneret flagge-fr Nathalie Laneret
Group Data Protection Officer
Capgemini, France

15.00 – 15.20

Turning the upcoming GDPR into a business enabler – the startup perspective

olstedt flagge-schweden Caroline Olstedt Carlström
Vice President Privacy
Klarna AB, Sweden

15.20 – 15.50

Coffee break

15.50 – 16.10

Broadcast meets broadband: Privacy compliance in the media sector

  • TV viewers, digital users, and e-commerce customers – how to run a homogeneous privacy program for diverse populations
  • Web, App and HbbTV – how to secure privacy compliance across multiple channels
  • Broadcast and broadband privacy legislation – how to align different regulatory regimes for converging technologies

hanloser flagge-eng Dr Stefan Hanloser
VP Data Protection Law
ProSiebenSat.1 Media SE, Germany

16.10 – 16.30

The theories of harm in privacy, data protection and antitrust law

  • Gratuitous services, indirect network effects and the definition of the relevant market
  • Can consumers pay with their personal data?
  • How to determine the value of personal data for the purposes of antitrust law assessments?
  • How will data protection law concerns impact data-driven mergers?

hoffman flagge-eng Dr Sára Hoffman
Associate, Privacy and Data Protection
Practice, Wilson Sonsini Goodrich & Rosati LLP, Belgium


Bojana BellamyMODERATOR:
Bojana Bellamy

14.20 – 14.40

Employees sensitive data collection in Eastern Europe

  • Sensitive information (e.g. health and medical condition, racial and ethnic origin, criminal background)
  • Explicit individual consent
  • Sensitive data transfer restrictions
  • Case law examples, guidance and practice

Dr Marlena Wach flagge Dr Marlena Wach
Legal Counsel, Data Privacy
Accenture, Poland

14.40 – 15.00

Coordinated data protection enforcement – The new rules of the game

  • DPA cooperation on a European, national and international level
  • The impact of competition and consumer laws on data protection enforcement
  • Organizations representing the interests of individual data subjects
  • Bundling of interests for collective redress: status quo and outlook

Dr. Friedrich Popp flagge-eng Dr Friedrich Popp
Senior Associate
Debevoise & Plimpton LLP, Germany

15.00 – 15.20

Getting ready for GDPR: a look at new tech to automate privacy

  • A current view of technology for privacy and data protection.
  • What is GDPR changing, why are current tools not sufficient, and why we need automation.
  • Novel approaches to data discovery.
  • Data risk assessment, and the operationalization of risk.
  • Data mapping automation, and how to engage the business efficiently.
  • DPIA as a continuous compliance process, vs. a one-time effort.

Dimitri Sirota flagge-usa
Dimitri Sirota, co-founder BigID, USA
Nimrod Vax, co-founder BigID, USA

15.20 – 15.50

Coffee break

15.50 – 16.10

Negotiate cloud contracts under the GDPR

  • Current situation and future
  • Respective liabilities
  • Sub-processing
  • Accountability

Paul Van den Bulck flagge-eng Paul Van den Bulck
McGuireWoods LLP, Belgium

16.10 – 16.30

Meeting the challenge of a global GDPR and BCR program

  • Experiences and lessons learnt of an international organization addressing international privacy requirements
  • Global privacy renewal program based on binding corporate rules and the requirements of the GDPR
  • Practical challenges of evolving uses of data, technologies and new business practices

gufflet flagge-engbowman flagge-eng

Myriam Gufflet, Principal, Promontory GDPR Programme Lead
John Bowman, Senior Principal, Promontory GDPR Programme Lead


GDPR Ready Workshop – A Mock GDPR Compliance Project

17 May 2017

By way of a mock GDPR compliance project, Bird & Bird Partners Ruth Boardman and Fabian Niemann will guide you through the major elements of GDPR compliance. You will learn best practices and practical solutions based on their extensive pan-European (and beyond) GDPR experience in an interactive workshop, simulating real life conditions, showing best of class experience from other participants, and including packages and material on

  • Key GDPR requirements
  • Project planing & management
  • Records of processing and (versus?) data mapping
  • Accountability, documentation & data impact assessment
  • Data protection officers
  • Privacy by design and by default
  • GDPR controller-processor terms
  • Privacy policies & data subject access rights
  • Data breaches & data incident plans
  • GDPR readiness trainings
Register now!

boardmanRuth Boardman
Bird & Bird LLP

Ruth Boardman is co-head of Bird & Bird’s International Data Protection Practice, based at Bird & Bird’s London office. She co-wrote ‚Data Protection Strategy‘ and is a former editor of the Encyclopedia of Data Protection (both published by Sweet & Maxwell). She has served on various boards of the International Association of Privacy Professional, and is currently a member of IAPP’s Education Board. Ruth Boardman is also an editorial board member of journal Data Protection Leader. Ruth has ‚Star‘ ranking for data protection advice in legal directories.
niemannDr Fabian Niemann
Bird & Bird LLP
Fabian Niemann is partner of Bird & Bird and heads their German Data Protection Group. He specializes on technology and privacy law and has a particular focus on managing international and big data protection, compliance and technology projects. He is frequently singled out as leading data protection lawyer (“Unbeatable in international data protection projects” JUVE 2016/2017; „Brilliant at data protection” IAM 1000 2015; „Highly recommended for data protection“ Legal 500 2015) and praised for its business minded advice („Good practical lawyer, very solution driven“, JUVE 2015/16).

08.30 – 9.00 Registration and welcome coffee
10.30 – 11.00 Coffee break
12.30 – 13.30 Lunch
14.30 – 15.00 Coffee break
16.00 End


Workshop Partner

Bird & Bird

Bird & Bird is an international law firm with over 1,200 lawyers in 28 offices in Europe, the Middle East and the Asia-Pacific region, with a focus on legal issues and industry sectors where technology, regulation and intellectual property have a significant impact. With over 300 lawyers specializing on tech, comms & data protection, we are among the most recognised market leaders in this area. By the Who’s Who Legal Directory, we have been ranked worldwide as the law firm with the most highly recommended lawyers in the fields of internet, e-commerce, data protection and IT.