THANK YOU
A heartfelt thank you to each and every one of you who contributed to the phenomenal success of the 3rd edition of the Alpine Privacy Days. Your insights, engagement, and enthusiasm made this event not just a conference, but a community coming together to share, learn, and connect in the most meaningful ways. We hope the experience was as rewarding for you as it was for us.
As we look back on the memorable moments and the invaluable knowledge exchanged, we’re filled with gratitude and excitement for what’s to come.
Stay tuned as we’re soon announcing the dates for the next edition of the Alpine Privacy Days.
INSIGHTS AND PRESENTATIONS
DAY 1
Keynote
“Life after divorce: UK data protection policy, law and regulation”
Ian Walden, Queen Mary, University of London, UK
Workshops – AI & Regulation
“AI & Privacy Concerns – the view of the Authority”
Michael Will, BayLDA, Germany & Axel von Walter, GvW, Germany
“Mastering AI Data Governance: Ensuring GDPR and AI Act Compliance in Machine Learning Projects”
Peter Hense, Partner, Spirit Legal Rechtsanwaltsgesellschaft mbH, Germany
Workshops – Advertising, Teenagers & Privacy
“Profiling/Advertising/Dark Patterns (Deep Fakes)”
Simon Menke, Otto Group, Germany & Nino Tlapak, Dorda, Austria
“Tik Tok et al. – Teenagers & Kids in US privacy law”
Dona J. Fraser, BBB National Programms, USA
Workshops – Data Space & Governance
“EU Space Data Space”
Emmanuel Mondon, Space Cooperative Europe, Germany & Cécile Théard-Jallu, De Gaulle Fleurance, France
“US Developments in Privacy”
Odia Kagan, Fox Rothschild, USA
DAY 2
Keynote
“Digital Frontiers: Exploring Today’s Hacker Threats and Countermeasures”
Martin Lutz, Axians IT Services, Switzerland
Workshops – Global Privacy Laws & Adequacy
“India and Asia’s new privacy laws: Are they adequate and will EEA companies comply?”
Sajai Singh, J. Sagar Associates, India
“Developments in Japanese privacy law & AI and Metaverse concerns”
Takashi Nakazaki, Anderson Mori & Tomotsune, Japan
Workshops – Privacy & Tech
“Privacy AI ChatBot”
Georg Krog, Signatu, Norway/Switzerland
“AI-Powered Privacy: Practical applications of LLMs for privacy professionals”
Silvan Jongerius, TechGDPR, Germany
Workshops – Back to basics (principles we are still struggling with…)
“What is a legitimate interest?” (GDPR Article 6(1)(f)) and “how can a purely commercial interest be legitimate?” based on case C-621/22″
Lee Bygrave, UiO, Norway & Rob van Eijk, The Future of Privacy Forum, Netherlands
“China’s Data Regulation – an Overview”
“Introduction to PIPL”
David Tang, Han Kun Law Offices, China
EVENT HIGHLIGHTS IN PICTURES
OUR ESTEEMED SPEAKERS
Lee Bygrave
Dr. Lee A. Bygrave is professor at the Department of Private Law, University of Oslo, where he is Director of the Norwegian Research Center for Computers and Law. He has functioned as expert advisor on technology regulation for numerous organisations, including the European Commission, Nordic Council of Ministers, Internet Corporation for Assigned Names and Numbers, UK House of Lords Committee on the Constitution, and Norwegian government. Lee is regarded as one of the world’s leading authorities on data protection law, and his work has been cited with approval by the EU Court of Justice.
Ana Hadnes Bruder
Clients turn to Ana Hadnes Bruder for strategic advice in data privacy and cybersecurity matters, including preparing for and reacting to cyber-attacks, assessing and making required data breach notifications, and analyzing data protection implications of new products and tools.
Corporations also benefit from Ana’s experience in artificial intelligence (AI) matters, her comprehensive approach to the intersection of AI, privacy and cybersecurity, as well as the proposed regulatory requirements around AI. Ana assists clients with governance best practices and AI risk management frameworks. Additionally, clients seek out Ana’s counsel on technology transactions including cloud services, data and software licensing agreements, SaaS agreements, software development projects, e-commerce, and related cybersecurity and data privacy questions.
International clients, in particular, look to Ana for advice, as she has served as legal counsel in Brazil, France and Germany.
Peter Hense
Peter Hense is head of the data, IT and technology team at Spirit Legal in Germany. He specializes in international IT and technology law, data protection and litigation. He focuses on advertising technology, sensor data, machine learning and the ethics of automated decision-making systems (accountable AI).
Dona J. Fraser
Dona J. Fraser is Senior Vice President, Privacy Initiatives & Head of the Children’s Advertising Review Unit (CARU) at BBB National Programs. Ms. Fraser provides a deep understanding of the complexities of privacy issues and the marketplace challenges facing advertisers and brings extensive experience in the self-regulation space with a track record of helping companies do the right thing for consumers. Ms. Fraser has been instrumental in driving progress in a variety of organizational initiatives, including leading the organization’s first ever PrivacyCollective Roundtable, an event that brought together privacy experts to discuss issues facing the marketplace and craft solutions. She has also overhauled and expanded services provided by BBB National Programs’ Children’s Advertising Review Unit (CARU), growing membership and nearly doubling participant numbers for the CARU COPPA Safe Harbor program— the first FTCapproved Safe Harbor program.
Silvan Jongerius
As the founder of TechGDPR, Silvan has led numerous data protection and security efforts and is the key contact for C-level engagements since 2018, providing leadership to the team of TechGDPR. He is leading client workshops and other engagements, is a frequent speaker, consultant, and educator in GDPR, blockchain, innovation and technology and has been involved in many (technology) startup projects as founder, advisor, or mentor. In addition he is the founder and president of the non-profit BerChain e.V., the founder and active member of the INATBA privacy working group, and the chapter chair of IAPP KnowledgeNet Berlin.
Odia Kagan
Odia Kagan is Partner and Chair of GDPR Compliance & International Privacy at Fox Rothschild LLP. Odia combines her in-depth knowledge of privacy and data security regulations and best practices, both domestic and international, with her keen understanding of emerging and information technologies to provide clients with practical advice on how to design and implement their products and services, consummate their M&A transactions and engage third-party vendors in the United States and abroad.
Over the past few years, Odia has assisted more than 80 companies, from U.S.-based multinationals to startups, on their path to compliance with the EU General Data Protection Regulation (GDPR). She leverages her transactional experience leading M&A and tech transactions as well as her ability to break down complex concepts into easy-to-understand action items to provide effective, ongoing counsel to clients in their day-to-day operations.
Odia is certified as a Privacy Law Specialist (PLS) and Fellow of Information Privacy (FIP) by the International Association of Privacy Professionals (IAPP), designations that demonstrate significant achievements in and comprehensive knowledge of privacy and data protection law. She has also been certified by IAPP as a Certified Information Privacy Manager (CIPM) and a Certified Information Privacy Professional in the laws of the United States – private sector (CIPP/US), the laws of the European Union (CIPP/E) and by the PECB as a Certified Data Protection Officer (CDPO).
Georg Philip Krog
Georg Philip Krog is Co-founder & Chief Legal Counsel of Signatu. Previously Georg has been a researcher at UiO, Max Planck Institut, Stanford Law School, Harvard Law School, WIPO. He has experience doing 10 years of legal consulting. Georg holds a Cand. Jur. (MSc Law) from the University of Oslo.
Laura Liguori
Laura is a partner of the firm since 2004, after having worked for an independent law firm from 1997 to 2003 (where she was appointed as partner in 2001). Laura advises Italian and foreign clients on personal data protection, privacy, cybersecurity, IT, internet and e-commerce, artificial intelligence and IoT. She has focused for more than 25 years on data protection and privacy, compliance and litigation, commercial contracts and all legal issues concerning Internet and Ecommerce, TMT, investigations, digital, media & technology, consumer law and unfair commercial practices. Her industry focused expertise covers advertising and marketing, Life Sciences and clinical trials, fashion and luxury.
Martin Lutz
Martin Lutz is a Security Evangelist at Axians for Central Eastern Europe. He has been supporting customers on their way to strengthening IT resilience to Cyber Attacks since 2012. With the combination of leadership and technical expertise, he has led various cyber security specialists in Europe and Asia in the past. As a well-known guest lecturer and keynote speaker, he promotes new talent and innovative technologies.
Simon Menke
Simon Menke is the Head of the “Intellectual Property and Data Protection Group” at Otto Group Holding. In this role, he oversees legal guidance for data protection across Otto Group’s subsidiaries. He has been responsible for the company-wide project ensuring compliance with the requirements of the GDPR and provides advice on nearly all aspects of data protection. Prior to joining Otto Group in 2012, Simon Menke worked as a lawyer in a Hamburg-based firm specializing in Intellectual Property and Data Protection.
Emmanuel Mondon
Emmanuel Mondon founded AdviceGEO in February 2016, a “boutique” that provides specialized services for the Geospatial & Earth Observation (GEO) market, helping this particular segment to tackle the digital (r)evolution. The GEO community, like all the other communities, is deeply impacted by the digital economy. In fact, for Geospatial & Earth Observation, we should speak about a revolution, rather than an evolution, as the required changes generated by the digital economy represent a real paradigm shift.
In October 2013, he joined CloudEO AG as Business Development Manager, responsible for the business development activities of the company worldwide and for building the relationships that are essential to success. During his career, Emmanuel Mondon has held various positions at some of the most innovative geospatial solutions companies and world’s leading geospatial businesses such as EADS Fleximage, Ionic Software, ERDAS and Intergraph. He began his career based in Bucharest (Romania) then Paris (France) with IGN France International, subsidiary of the French National Institute of Geographic and Forest Information (IGN), recognized worldwide as a key player in geographic information engineering (http://www.ignfi.fr/en).
Takashi Nakazaki
Takashi Nakazaki has been engaged in an extensive range of TMT matters at Anderson Mori & Tomotsune, including telecom regulations, computers, software development, e-commerce, platform service, domain name disputes and digital forensics. His experience also includes legal advice in several fields of intellectual property and licensing, including traditional copyright, digital copyright, trademark, open source, cross boarder licensing and biochemicals. Mr. Nakazaki has also assisted many start-up clients with general corporate advice.
Sajai Singh
Sajai’s broad-based practice focuses on Mergers, Acquisitions, Joint Ventures, strategic alliances, restructurings and financings (whether debt or equity), with particular emphasis on cross- border transactions. Sajai regularly counsels overseas clients interested in investing, contracting or otherwise engaging with India, Indian business and entrepreneurs.
He is an acclaimed transactional lawyer with more than 32 years of experience representing a wide variety of industries, businesses and sectors funnel investments into India. This wealth of experience means that he understands the issues that arise in major transactions and can provide solutions to resolve these issues; providing advice that goes well beyond legal and contractual matters, and into the technical and commercial heart of the success of the transaction.
Sajai is passionate about education, and regularly conducts client education seminars, executive education programs and boot campus for young lawyers. The Cyberspace Camp™ program is one such program he has patronized and promoted in several developing nations. Sajai is the Past President of ITechLaw, the International Technology Lawyers Association. This is a first for any Asian. Sajai is also the past Chair of the International Bar Association (IBA) Technology Law Committee. Again, a first for any Asian.
Cécile Théard-Jallu
As a partner at De Gaulle Fleurance & Associés, Cécile Théard-Jallu specializes in the fields of innovative technologies, data protection / cybersecurity, commercial law, contracts and intellectual property. She helps clients through the definition and implementation of their innovation strategies (regulations relating to healthcare products and activities, including telemedicine, HDS, 3D printing, connected objects, platforms, Big & Smart Data, social robots, artificial intelligence, blockchain, 5G, Smart Healthy Cities, or mobility around the patient pathway…).Since the beginning of her career, she has carried out numerous missions involving data protection, including the GDPR, the French Data Protection Act and French or European cybersecurity regulations, in various regulatory, contractual and auditing missions, on behalf of both industrial companies and service providers, in France and abroad (R&D, marketing or commercialization phase). She is a certified advisor to companies in the process of being certified as compliant with the GDPR by the Europrivacy ® consortium, the first certification scheme of its kind, financed by H2020 funds. She represents De Gaulle Fleurance & Associés in the Cyber & Security Hub of the Systematic Cluster and has been appointed as an expert for France in the European project TEHDAS, aimed at building the regulation of the future European Health Data Area. Vice-Chair of the “Health/Life Sciences” committee and member of the “Technology” committee of the International Bar Association (IBA), she has been listed for several years in the Best Lawyers ranking published in partnership with Les Echos, in the “Biotechnologies” and “Information Technologies” sections for France.Very involved in the connected health ecosystem, in particular for medical devices players, she has written numerous articles in the specialized press and regularly hosts conferences in the sector.
Nino Tlapak
Nino Tlapak joined DORDA’s IT and Data Protection team in 2013 and is a partner since 2021. He focuses on data protection and IT-security law. Further areas of practice include e-commerce and outsourcing. Nino is well known for his data protection activities and also functions as coordinator of DORDA’s data protection unit. In addition, Nino regularly publishes articles in the field of data protection and holds lectures at the Danube-University Krems (Data Protection and Privacy – certified program), the technical colleges FH Technikum Wien and FH Campus Wien as well as the IT-Law LL.M. postgraduate program of the University of Vienna.
Nino studied law at the University of Vienna (Mag iur 2012) and completed the postgraduate programme “Information and Media Law” (LL.M. 2013).
Rob van Eijk
Dr. Rob van Eijk serves as the Future of Privacy Forum’s Managing Director for Europe. In this role, van Eijk implements FPF’s agenda in Europe, overseeing its day-to-day operations, and managing relationships with stakeholders in the industry, government, academia, and civil society. Van Eijk is a technologist with an M.Sc. from the Leiden Institute of Advanced Computer Science, Leiden University, and a Ph.D. from Leiden Law School, Leiden University, focusing on online advertising (real-time bidding).
Ian Walden
Dr. Ian Walden is Professor of Information and Communications Law at the Centre for Commercial Law Studies (CCLS), Queen Mary, University of London. His publications include Media Law and Practice (2009), Free and Open Source Software (2013), Computer Crimes and Digital Investigations (2nd ed., 2016) and Telecommunications Law and Regulation (5th ed., 2018). Ian has been a visiting professor at the universities of Texas, Melbourne and KU Leuven. Ian has been involved in law reform projects for the World Bank, European Commission, Council of Europe, Commonwealth and UNCTAD, as well as numerous individual states. Ian was an ‘expert nationaux détaché’ to the European Commission (1995-96); Board Member and Trustee of the Internet Watch Foundation (2004-09); on the Executive Board of the UK Council for Child Internet Safety (2010-12); the Press Complaints Commission (2009-14); a member of the RUSI Independent Surveillance Review (2014-15); a member of the Code Adjudication Panel at the Phone-paid Services Authority (2016-21); a member of the European Commission Expert Group to support the application of the GDPR (2017-21), Director of CCLS (2018-22), and a Non-Executive Board Member of the Jersey Competition Regulatory Authority (2020- ). Ian is a solicitor and Of Counsel to Baker McKenzie. Ian leads Queen Mary’s qLegal initiative and is a principal investigator on the Cloud Legal Project.
Axel von Walter
Axel von Walter is Partner at GvW Graf von Westphalen. He is Accredited Specialist for Copyright and Media Law, Accredited Specialist for Information Technology Law Partner Axel advises national and international companies on data protection and all issues of digitalisation, as well as on IT, e-commerce and copyright law. Axel is also a sought-after advisor in competition law and all media law. He is experienced and specialised in litigation (including interim relief). Axel is a lecturer for media and information law at the law faculty of the Ludwig Maximilian University of Munich (LMU).
Michael Will
Michael Will has been appointed President of the State Office for Data Protection Supervision for a period of five years as of February 1, 2020. He was born in Kronach in 1968, is married and the father of one child.
After studying law in Würzburg and completing his legal clerkship in Bamberg, he began his professional career as an administrative lawyer in the service of the Free State of Bavaria in 1995. After moving to the Supreme Building Authority in the Bavarian State Ministry of the Interior in 1997 and to the Bavarian State Chancellery in 2000, Michael Will took over as Head of the Department for Public Safety and Order in the Landshut District Office in 2002. In 2006, he returned to the Bavarian State Ministry of the Interior as an advisor in the field of road law at the Supreme Construction Authority.
In 2009, Michael Will was appointed head of the “Data Protection” department at the Bavarian State Ministry of the Interior for Sport and Integration. He also held the office of official data protection officer there and was a member of the Bavarian State Parliament’s Data Protection Commission. On behalf of the Bundesrat, he accompanied the entire negotiations of a EU-Council Working Party (DAPIX) on the EU General Data Protection Regulation (GDPR) from 2012 to 2015 and also performed the duties of the country observer in the committee pursuant to Article 93 of the GDPR, which is involved, for example, in the adoption of adequacy decisions by the European Commission.
Zhihua (David) Tang
Mr. Tang is Partner at Han Kun Law Offices in China. Mr. Tang’s extensive professional experience includes positions with government authorities and international and local law firms. Prior to joining Han Kun, Mr. Tang was a partner at a leading Chinese firm and had also practiced in the China practice groups of three pre-eminent international law firms. Mr. Tang has been consecutively ranked as one of the leading PRC Corporate and M&A lawyers by legal ranking organizations such as Chambers & Partners, Asialaw Profiles, and The Legal 500. He has also been appointed as an extramural graduate student advisor by Fudan University School of Law and East China University of Political Science and Law. Mr. Tang’s primary practice areas are general corporate and commercial, foreign direct investment, and cross-border mergers and acquisitions. Mr. Tang has been advising numerous Fortune 500 Global and other multinational and foreign companies on their investments, acquisitions and daily business operations since he started his professional career. Mr. Tang advises large and medium sized Chinese companies on doing business in overseas markets, particularly in assisting with Chinese companies’ outbound direct investments and mergers and acquisitions. Mr. Tang also focuses on corporate compliance and data protection. He regularly advises clients on their China operations in connection with compliance policies and guidelines, internal compliance reviews, audits, and government investigations involving commercial bribery and other regulatory compliance matters. He also conducts internal investigations for clients, including those concerning vendors and company employee conflicts of interest, self-dealing, PRC anti-bribery rules, the UK Bribery Act (2010) and the US Foreign Corrupt Practices Act. Mr. Tang regularly counsels clients on compliance matters relating to cybersecurity and data and personal information protection, assists clients in establishing data compliance systems, applying governmental procedure for cross-border data transfer, and investigating and managing data incident crises. The clients which Mr. Tang represents come from a wide variety of industry sectors such as advertisement, aircraft, automotive, clean energy, FMCG, food and beverage, hospitality, life sciences, logistics, petrochemical, power, retail, and TMT.