The EDPS and the Data Protection Officers (DPO) network of the EU institutions, bodies, offices and agencies (EUIs) met for the second time this year on 6 December 2022, at the premises of the European Maritime Safety Agency (EMSA), in Lisbon.
To mark the end of their traineeship, the EDPS and the EDPB trainees produced a podcast series of three episodes on the topic of Artificial Intelligence (AI). Titled “AI and I: a three-step approach to Artificial Intelligence”, this podcast explores what opportunities, risks and challenges AI and AI-based technologies bring to individuals, society and data protection authorities in the European Union (EU) and in the European Economic Area (EEA).
It was at the end September 2021 when the EDPS first launched its first foresight-related project, TechSonar. At that moment, we already believed the world to be a highly -complex place. Yet from September 2021 onwards, we stood by and watched in disbelief the events that unfolded at the eastern border of the European Union, which threatened the very core of our European democracy and values. Today, one thing is certain: new challenges will not cease to emerge.
The Internet Privacy Engineering Network, or IPEN, workshops bring together developers and data protection experts with a technical background from different areas in order to launch and support projects that build privacy into everyday tools and develop new tools that can protect and enhance our privacy effectively.
On 14 June 2022, following two years of online meetings due to the COVID-19 pandemic, the network of 70 Data Protection Officers (DPOs) of the EU institutions, bodies and agencies (EUIs) met in person to celebrate its 50th meeting with the EDPS.
Since the EDPS was established eighteen years ago, these meetings have been taking place twice a year. The objective has always been the same: to guide the DPO network to achieve compliance with data protection law and to support and boost cooperation between the DPOs of EU institutions, bodies and agencies.
Having marked Europe day a few days earlier at EU Open Day in Brussels, I attended the 2022 edition of the International Organisations workshop, co-organised this year by the EDPS and the World Food Programme at their premises in Rome on 12-13 May.
I can still remember how the internet was once presented to me. A space where everyone could express themselves freely, find and share information, a global force for democracy. But the dream of that great agora was never fully realised.
What was once the promise of a free and open environment was gradually replaced by walled gardens. The place for human flourishing became a space of advertising-driven business models and continuous surveillance. Digital services designed to maximise engagement, to track, to target.
Each year on 28 January, we celebrate Data Protection Day. It is a chance for all of us to reflect on what this day represents, on how far we have come in the field of data protection, on the challenges that lie ahead for data protection in Europe’s digital future.
The increased digitalisation of our societies has made individuals realise over the years that data protection concerns all of us. Individuals have become more aware of the different ways and circumstances in which their personal data may be processed.
The first rule in data protection is: if you do not need personal data, do not collect personal data.
I believe that the second rule in data protection is: if you really need personal data, then start by pseudonymising this personal data.
Pseudonymisation is a foundational technique to mitigate data protection risks. The EU’s personal data protection legislation defines pseudonymisation as the processing of personal data in such a way that this data can no longer be attributed to a specific individual, without the use of additional information.