CPDP.ai 2025: THE WORLD IS WATCHING

Date

Time

Location

Maison de la Poste

Rue Picard 5/7,

1000 Brussels

More Information

Graphic for "1000 Brussels"

Time: 8:00 – 16:00  (CET)

Date: May 21–23, 2025

The European Union has produced digital legislation at an astonishing rate, both regulating to control existing technological phenomena – such as AI – and to shape specific social constructs built upon technical phenomena – such as the European Health Data Space. Perhaps more than ever, EU digital frameworks are expected to cast regulatory shadows across the world.

However, while the Brussels effect may have proliferated specific privacy and data protection practices worldwide, it also risks reinforcing existing global power dynamics. Stringent EU data export rules can, for example, hinder the competitiveness of the Global South. Besides, many other actors shape digitalisation in very different ways, especially in times of geopolitical change. In such a context, can we expect the norm-setting, global influence of European legislation in the data protection and privacy fields to be paralleled and even strengthened in related digital legislation areas?

The Brussels effect of AI regulation may be blunted by the complexity and diversity of the governance arrangements that are created through political processes at many levels, from the local to the global. These may cut across the high aims and stringent rules adopted in Brussels, and lead to a false sense of security and lack of public confidence in the safeguarding of information rights and other values in an AI driven world. Challenges for privacy and data protection are complicated further by surveillance and data grabbing practices that constrain policymakers, industry and other digital actors. Consumer expectations and technological innovations also have a role to play. To navigate these complexities, perhaps more than ever, and in more than one way, legislators, governments, regulators, data protection officers, civil society, industry and academia across the globe are watching the digital world, and each other.

Panel: the DSA as a tool in the fight against gender-based violence

Gender-based violence keeps being a major problem online, with serious implications for our rights and freedoms. The Digital Services Act (DSA) was supposed to contribute to progress in this area, notably by obliging providers of very large online platforms and of very large online search engines to consider and act upon the possible systemic risk of negative effects in relation to gender-based violence. How is this working in practice, if it is?  This panel will notably be discuss:

  • Is the DSA making a difference already?
  • What can or must be done to get there?
  • Are all forms of gender-based violence being adequately captured?
  • Which other approaches and initiatives might be needed?

CDT Europe Speaker: Asha Allen, Director and Secretary General, CDT Europe

Panel: Effective Remedies for AI-Induced Harms: Lessons Learned from GDPR Enforcement by Data Protection Authorities

Description: Data protection authorities have collectively been at the forefront of assessing the impacts of new technologies on fundamental rights, naturally emerging as strong contenders for the role as Market Surveillance Authorities under the AI Act. With the deadline to appoint Market Surveillance Authorities approaching in August 2025, this panel aims to identify lessons learned from data protection authorities’ experience in ensuring effective remedies for data protection harms which could be applied to the AI Act’s market surveillance framework. The panel will identify the different enforcement needs for AI harms as opposed to solely data protection harms, compare and contrast the governing frameworks for data protection and market surveillance authorities and how these regulators have traditionally fulfilled their roles, and discuss how best civil society and fundamental rights authorities may support and collaborate with them.

CDT Europe Speaker: Laura Lazaro Cabrera, Counsel and Director of the Equity and Data Programme, CDT Europe

Workshop: Balancing Security and Fundamental Rights: Curbing the Spyware Trade in the EU Market

The spyware market in the EU presents a significant challenge for regulators, civil society, and industry stakeholders. Despite growing awareness and some regulatory efforts, the EU has not done enough to curb the proliferation and abuse of spyware. Weak enforcement, export control loopholes, and lack of accountability have allowed the market to thrive. This workshop will assess the state of spyware production, trade, and use in the EU, exploring potential regulatory interventions at the EU level. Experts, policymakers, and civil society representatives will come together for an interactive roundtable, designed to encourage dialogue between regulators, industry representatives, and civil society experts. The session will: – Discuss the scale and structure of the spyware market in the EU, focusing on domestic production, intra-EU trade, and third-country imports. – Highlight challenges in regulation, enforcement, oversight, and accountability of spyware abuses. – Identify opportunities for a stronger, rights-respecting EU regulatory framework.

CDT Europe Speaker: Silvia Lorenzo Perez, Director of the Security, Surveillance and Human Rights Programme, CDT Europe

More Information