Centre for Information Policy Leadership (CIPL)

At the #CIPLSummit2025 we just wrapped up a Fireside Chat with Paul Martino (Hunton Andrews Kurth LLP) on ‘The Outlook for U.S. Federal Privacy and AI Policy Legislation’. CIPL Privacy and Data Policy Manager Laila Abdelaziz?led the discussion, which explored: - Emerging legal trends at the intersection of privacy, cybersecurity and AI - The timeline of privacy and AI legislative activity in the U.S. over the past 25 years - Developments in U.S. state privacy laws - How AI legislation diverges from previous privacy legislation in the U.S. We hope attendees enjoyed this insightful discussion! #CIPLSummit2025 #privacypolicy #ai

How can companies move beyond siloed understandings of data to foster an interdisciplinary approach that integrates the identification and management of data risks with the consideration and recognition of new data uses, innovations, and opportunities? The first panel of day 2 of the #CIPLSummit2025 sought to get to the heart of this question. CIPL President Bojana Bellamy moderated a discussion on ‘Beyond Compliance: Using Data as a Business Enabler and Trust Ambassador’ with expert speakers Sebastian Gress (Mercedes-Benz Group AG), Manuj Lal (PwC), Christina Montgomery (IBM), Lorenzo Robleto (DoorDash) and Nubiaa Shabaka (Adobe). The discussion explored: - How privacy professionals can stay relevant and play an instrumental role amidst shifting corporate priorities and a changing regulatory environment - The necessary KPIs to capture the attention of the corporate board and measure progress towards organizational goals - How data can be utilized to build trust with key stakeholders Thank you to panelists for sharing your expertise! #CIPLSummit2025 #data #trust?

We just concluded the final panel of Day 1 of the #CIPLSummit2025! CIPL Privacy and Data Policy Manager Mark Smith moderated a discussion on "Privacy, AI, and Data Policy in U.S. States: Legislation and Enforcement".? ? As U.S. states have emerged at the forefront of policymaking for privacy, AI, and data policy in the United States, with Attorneys General typically taking the lead in enforcement.? ? This panel brought together Tyler Bridegan (Texas Attorney General’s Office), Chandler Crenshaw (Assistant Attorney General, Virginia), John Allen Eakins (Deputy Attorney General, Delaware), Monique Priestley (Vermont General Assembly), Stacey Schesser (Supervising Deputy Attorney General, California) and Jill Szewczyk (Assistant Attorney General, Colorado) to provide expert insights into these developments.? ? Panelists shared how they are approaching enforcement of laws around privacy, AI and data policy.? ? Thank you to all of our panelists for sharing your insights!? ? #CIPLSummit2025 #privacy #AI #datapolicy??

Our first panel of the afternoon at #CIPLSummit2025 just wrapped up! CIPL Director of Privacy and Data Policy, Matthew R. moderated a panel on "Global AI, Data, and Technology Policy: Digital Sovereignty and Beyond".?? ? “Digital sovereignty” has been a frequent focus of discourse around technology policy in recent years. 2025 has brought political changes and shifts in the global discourse around technology policy, especially with respect to AI.? ? Matthew was joined by experts Johannes Bahrke (EU Delegation to the USA), Pablo Chavez (Center for a New American Security), Emmie Hine (Yale Digital Ethics Center/University of Bologna) and Kenneth Propp (Atlantic Council) to examine the current moment and where we are headed with respect to AI, technology, and data policy – globally and in key jurisdictions.? ? Panelists considered whether the push for digital sovereignty will remain a driving theme, and whether other themes will figure prominently in the global data landscape.? ? Thank you to panelists for an enlightening discussion!? ? #CIPLSummit2025 #digitalsovereignty #data??

To operationalize Responsible AI, one needs to translate abstract human values and principles to technical specifications, as well as to trade off between design alternatives. Every design choice carries normative implications and vice versa. At the #CIPLSummit2025, Shlomi Hod (Praxif.ai) just led a hands-on workshop on ‘Balancing Trade-Offs in the Design of AI Systems’, where attendees engaged in core aspects of Responsible AI through a case study pertaining to the use of AI in social services. Participants were able to learn about the nature of trade-offs through this hands-on case study and apply this to any AI system design. Thank you Shlomi for this expert demonstration! #CIPLSummit2025 #workshop #artificialintelligence #ai?

The first panel discussion of the #CIPLSummit2025 has just concluded! CIPL Director of Privacy and Data Policy Natascha Gerlach CIPP/E moderated a discussion with Global Data Protection Regulators on 'The Future of Effective Technology and Data Regulation, Oversight and Enforcement'. Natascha was joined by leading regulators Stephen Almond (Information Commissioner's Office), Vincent Olatunji (Nigeria Data Protection Commission- NDPC), Cathal R. (Data Protection Commission Ireland), Guido Scorza (The Italian Data Protection Authority), Wojciech Wiewiorowski (EDPS - European Data Protection Supervisor), and Denise Wong (Personal Data Protection Commission (PDPC)). Panelists discussed their oversight and enforcement priorities, as well as their approaches to navigating the sometimes conflicting demands of protecting individuals, compliance with applicable laws and enabling innovation and beneficial use of data and technology. The discussion explored: - How AI-related issues feature in regulatory work - Regulatory views on the comparative effectiveness of ex ante guidance and engagement with regulated entities and ex post enforcement and how they prioritize between them - Whether and how regulatory bodies can employ a risk-based approach in their enforcement decisions - Whether and how regulators seek to encourage and incentivize organizational accountability - Whether current data protection and other applicable laws are sufficient in the rapidly changing AI-driven digital economy and society Thank you to panelists for sharing your insights! #CIPLSummit2025 #regulation #data #ai?

The #CIPLSummit2025 is underway! To open up the first day of the Summit, CIPL President Bojana Bellamy sat down with Heather Domin, PhD, Vice President and Head of Responsible AI and Governance at HCLTech, and Ed Britan, Senior Vice President for Global Privacy and Marketing Legal at Salesforce, for a Fireside Chat on 'AI Agents: The State of the Art in Technological Development and Responsible Deployment'. The discussion centered around one of the most exciting trends at the frontier of artificial intelligence development and deployment: agentic AI. The discussion outlined: - The current state of the art in development of agentic AI; -?How agentic AI can be useful across a range of workplace scenarios; -?How agentic AI can enhance data privacy; -?How organizations can create governance programs to guide responsible development and deployment; -?Ways that policymakers and regulators can foster responsible and beneficial use of agentic AI technology. Thank you Heather and Ed for sharing your expertise! #CIPLSummit2025 #agenticai #artificialintelligence #ai?

NEW FROM CIPL ?? CIPL Response to India’s Ministry of Electronics and Information Technology’s Consultation on its AI Governance Guidelines Development Report On Thursday, February 27, 2025, CIPL submitted comments on India’s Ministry of Electronics and Information Technology’s Consultation on its AI Governance Guidelines Development Report. Our response commends India’s efforts to guide the development of a trustworthy and accountable AI ecosystem in India and the work undertaken by the Subcommittee on AI Governance and Guidelines Development to publish the report. CIPL has provided specific feedback to each of the report’s recommendations, including: - Adopting a technology-neutral, principle- and outcome-based framework - Defining key concepts and terms to align with existing international standards - Ensuring that transparency does not compromise other crucial considerations (e.g., usability, data security, etc.) - Exercising caution with third-party review requirements - Considering the suitability of technical measures (e.g., PETs/PPTs) to address AI-related risks See our full response below ?? Download a copy here: https://lnkd.in/eUnK38sW #aigovernance #artificialintelligence #ai

NEW FROM CIPL: CIPL Response to the European Data Protection Board’s Public Consultation on Draft Guidelines 01/2025 on Pseudonymisation ? This month, CIPL provided comments on the European Data Protection Board Draft Guidelines 01/2025 regarding pseudonymisation within the GDPR framework. ? Our response commends the EDPB’s efforts to clarify the use and benefits of pseudonymisation for controllers and processors in the EU. CIPL has identified several topical areas for attention in the Guidelines and presents targeted recommendations for the EDPB’s consideration, including: ? - Timing of the draft Guidelines - The complexity and lack of readability of the draft Guidelines - Differentiating between pseudonymisation and anonymisation - Practical guidance on assessing and measuring pseudonymisation - The benefits of pseudonymisation on data subject rights - The conditions for pseudonymisation to support data transfers - How privacy-enhancing technologies can complement pseudonymisation See our full response below ?? #data #EU #consultation

Today, CIPL hosted a roundtable in Brussels on 'GDPR Procedural Regulation - One Year Later - Where Are We Now?' which brought together a variety of stakeholders to assess the progress and potential impact of the proposed Regulation currently under negotiation. Participants considered four key overarching questions: 1. Does the Regulation under negotiation provide individuals with a prompt and effective resolution of their complaints? 2. Does the Regulation promote harmonisation and foster mutual trust? 3. To what extent does the Regulation strengthen the position of the Lead Supervisory Authority and enhance the operation of the One-Stop-Shop mechanism in the implementation of the GDPR? 4. Is the proposal in line with the provisions of the GDPR? In addressing these questions, participants discussed various themes including the rights of parties, cooperation between Data Protection Authorities and procedural rules. Thank you to participants for sharing your insights Dr. Markus Wünschelbaum, Miko?aj Barczentewicz, Bojana Bellamy, Christopher Docksey, Paul McDonagh-Forde, Isabelle Vereecken, John Kavanagh, Gloria González Fuster, Lorelien Hoet, Dr M.R. (Mark) Leiser, Natascha Gerlach CIPP/E, Lukas Adomavicius, and Zeta Rizikianou! We will follow up with key takeaways from the discussion soon! #GDPR #data #digital #trust