2019 Programme



32nd Annual International Conference


GDPR's Influence Ripples Around The World

1 – 3 July 2019

St. John's College Cambridge, UK



View the full Programme here.


Conference sessions include:

The added value of fair and lawful processing

Privacy as a Business Driver
• John Grant, Palantir Technologies, USA
• Josh Zweig, Palantir Technologies, USA

The Royal Free Hospital/Google Deep Mind: Digital health in the spotlight
• Peter Church, Linklaters, UK

How to make the case that privacy can be a business asset
• Alison Deighton, HelloDPO, UK
• Jenai Nissim, HelloDPO, UK


The European Data Protection Board

The European Data Protection Board, a new level of cooperation among Europe's Data Protection Authorities
• Andrea Jelinek, Chair, European Data Protection Board


GDPR implementation across the EU

EEA Member State GDPR implementation and national derogations (Title TBC)
Karolina Mojzesowicz, Deputy Head, Data Protection Unit, European Commission

EU adequacy negotiations: Countries now adequate and next applicants (Title TBC)
• Bruno Gencarelli, Head of the International Data Transfers and Protection Unit, European Commission

GDPR implementation in Italy, national derogations and new Garante top team
• Daniele Vecchi, Gianni, Origone, Grippo, Cappelli & Partners, Italy

GDPR: the Portuguese experience
• Inês Antas de Barros, Vieira de Almeida, Portugal
• Isabel Ornelas, Vieira de Almeida, Portugal


Adequacy of the UK, Jersey and Gibraltar

GDPR readiness, reaction and reality: Making waves in the digital world
Elizabeth Denham, Information Commissioner, UK

The UK's room for manoeuvre in data protection legislation after Brexit
• John Bowman, Promontory, UK 
• Elisabeth Stafford, Department for Digital, Culture, Media and Sport, UK

Privacy and Gaming on the Rock of Gibraltar 
Bradley Tosso, Gibraltar Regulatory Authority, Gibraltar

Jersey to stay in the European mainstream
Jay Fedorak, Information Commissioner, Jersey


EU Adequacy of Argentina, Brazil and South Korea

Argentina takes steps to update its data protection law
• Eduardo Bertoni, Access to Public Information Agency, Argentina

Brazil starts implementing its Data Protection Law
• Danilo Doneda, Public Law Institute, Brazil

EU Adequacy Assessment from the Korean perspective
• Kwang Bae Park, Lee & Ko, South Korea

Operating within ASEAN countries’ privacy laws and avoiding enforcement action
• Kevin Shepherdson, Straits Interactive, Singapore


Operational impact of the GDPR: DP Officer challenges

Operational impact of the GDPR: DP Officer challenges
• Lien Ceulemans, Salesforce, UK
• Debbie Evans, Kincordia, UK
• Olga Ganopolsky, Macquarie Group, Australia
• Mark Keddie, Dentsu Aegis Network, UK

Controller, processor or … joint controllers?
• Brendan Van Alsenoy, Data Protection Authority, Belgium
• Tanguy Van Overstraeten, Linklaters, Belgium
• Wojciech Wiewiórowski, Assistant European Data Protection Supervisor, Brussels

Stand and deliver: Use and misuse of subjects’ rights
• Richard Cumbley, Linklaters, UK

Trunomi: Driving trust through Permission Management
• Shawn Brown, Trunomi, UK

Data privacy and Mergers & Acquisitions: Potential deal breaker?
• Fabrizia Giacomini, 21st Century Fox, Italy
• Nigel Parker, Allen & Overy LLP, UK
• David Smith, Allen & Overy LLP, UK

International transfer trends
• Rebecca Cousin, Slaughter & May, UK
• Michelle Phillips, British American Tobacco, UK

Hot topics in employee privacy / Using WhatsApp in the Company
Ann Bevitt, Cooley, UK
Claus Ulmer, Deutsche Telelom AG, Germany

Negotiating data protection contract terms: Scenario
• Jamie Drucker, Bristows, UK
Mark Watts, Bristows, UK


Adtech and the EU e-Privacy Regulation

Facebook/Cambridge Analytica/AIQ - International Response to a Global Privacy Alarm
• James Dipple-Johnstone, Deputy Information Commissioner, UK
• Daniel Therrien, Privacy Commissioner of Canada

Navigating ePrivacy Requirements: New Ways to Tackle Consent, Cookies and Other Marketing Challenges
• Rafi Azim-Khan, Pillsbury, UK
• Ian Evans, OneTrust, UK

AdTech: Navigating the Data Protection Terrain
• James Fenelon, Bird & Bird, UK 
• Soumya Patnaik, PrivacyPerfect, Netherlands  


Collective action

Supply Chain Liability and the spectre of Class Actions
• Ashley Winton, McDermott Will & Emery, UK