Sessions were organised to foster dialogue and cooperation among researchers from both sides of the Atlantic. National supervisory authorities presented and shared their lessons learned and recommendations on topics such as privacy by design, cross-border data transfers, data breaches and legitimate interest in practice.

CyberSec4Europe – Research to Innovation

Part of the programme was reserved for European research projects and to that end, representatives from CyberSec4Europe, an official partner of the Privacy Symposium, were invited to demonstrate the results of the project’s work in developing privacy-aware software assets and the innovative approaches adopted by the vertical applications.

During the morning of 7 April, Antonio Skarmeta from the University of Murcia moderated a two-hour session – ‘Research to Innovation: Common Research Framework on Security and Privacy’ – in which ten short presentations were given, ranging from ‘Cybersecurity governance’ to ‘Privacy-preserving cyber threat intelligence sharing and enhanced intrusion detection’.

In the afternoon, David Goodman from Trust in Digital Life introduced another two-hour session – ‘Research to Innovation: Privacy-preserving Industry Application Innovations’ highlighting the work carried out on road mapping as well as the development of demonstrator use cases. Four of the seven application areas – Open Banking, Higher Education, Medical Data Exchange and Smart Cities – presented their work with an emphasis on those aspects most relevant to privacy.

At the end of the day there was a joint session demonstrating ‘European Cybersecurity Collaboration in action’ featuring representatives from both CyberSec4Europe and CONCORDIA who described common collaborative activities and innovative solutions envisioning new cybersecurity assets in the areas of cyber threat intelligence and financial incident reporting.

An international gathering

The Privacy Symposium is an international conference established to attract, present and discuss original and innovative research results and technology developments related to personal data protection and compliance with data protection legislation. This year it brought together legal and technology experts together with researchers, data protection authorities and privacy/security professionals to share their knowledge and to support international dialogue and cooperation. In over 77 sessions more than 170 international top-level speakers took the floor from organisations including the OECD, the Data Protection Unit of the Council of Europe, the UN rapporteur on the right to privacy, the European Data Protection Board (EDPB), the European Data Protection Supervisor (EDPS), the data protection authorities (DPAs) of the United States, Japan, Canada, Brazil, Mexico, Italy, France, Germany, Spain, Belgium, Hungary, UK, Switzerland and others, as well as researchers on innovative technologies.

The keynote speakers included such luminaries as Dr Andrea Jelinek  (President of the EDPB), Dr Guido Scorza (Italian Data Protection Supervisory Authority), Jane Horvath (Chief Privacy Officer, Apple), Catherine Lennmann (Swiss DPA), Julie Brill (Chief Privacy Office and Corporate Vice President, Global Privacy and Regulatory Affairs, Microsoft), Tommaso Stranieri (Partner, Deloitte Risk Advisory), Conor Hogan (Global Practice Lead on Privacy, BSI Group), as well as Vint Cerf, the so-called ‘Father of the Internet’.

The EU’s General Data Protection Regulation (GDPR) has triggered a chain reaction with many other jurisdictions around the world adopting their own regulations. At the same time, the process of digitisation has impacted all economic and societal sectors, generating an exponentially growing volume of personal data. There are many questions that arise in this context. For example, supporting the convergence of data protection requirements can only be achieved by close collaboration among and across distinct jurisdictions; and there are open questions about how to adopt data protection by design approaches with emerging innovative technologies such as AI, 5G/XG, distributed ledger technologies (DLT), extended reality (XR)/Metaverse, quantum computing, IPv6, IoT and edge computing and more.

Challenges are constantly emerging – and will continue to do so for the foreseeable future – requiring original research results and innovative approaches. What became clear throughout this event was the strong desire by all privacy professionals present to collaborate at a national, regional and global levels on resolving outstanding technical aspects and tackling issues related to compliance monitoring. The growing focus is illustrated by the many other high-quality events focused on privacy and data protection that appear somewhere in the world almost every week.

CyberSec4Europe is making a contribution to this effort, and it is to be hoped that its legacy will be reflected in next year’s event in Venice!

 

David Goodman, Trust in Digital Life