The GDPR recognises a “risk-based approach” in several areas of data protection compliance. Controllers can adjust some data protection and security practices, taking into account factors such as the nature of the data, the resources of the organisation, and the “state of the art”.
Jurisdictions worldwide are improving their data protection frameworks—sometimes in the hope of obtaining EU adequacy, sometimes because the public demands them to do so. From definitions and principles to data subject rights, the influence of the GDPR is clear.
In this session, panellists will explore AI’s many potential GDPR pitfalls and address the “elephant in the room”: Is the AI industry fundamentally incompatible with a robust data protection regime?
The EU’s best-known regulation is not without its critics. Some argue that the law hampers innovation and imposes unnecessary costs. Others claim that the GDPR’s only problem is that regulators don’t go far enough in enforcing the law.
The EU-US data transfer problem remains unsolved after another year of GDPR enforcement. But is the light at the end of the tunnel with the EU-US Data Privacy Framework? Or will the adequacy decision go the same way as its two predecessors?
Join this session as we explore:
In this session, our panel will explore the most significant enforcement actions since the GDPR’s last birthday and consider their impact on all organisations.