Disruptive Tech Era
In recent years, the European Union (EU) has developed a Data Regulation Stack—a layered framework of legislation designed to govern digital data practices and emerging technologies. At its foundation lies the General Data Protection Regulation (GDPR), which safeguards individuals’ fundamental rights. Building upon this core, additional layers pursue complementary objectives, including cybersecurity, competition, platform accountability, data sharing, and AI governance. These layers include the NIS2 Directive, the Digital Services Act (DSA), the Digital Markets Act (DMA), the Data Act (DA), the AI Act, and the Cyber Resilience Act, the European Health Data Space Regulation, with more regulations on the horizon, although EU lawmakers are currently under significant pressure to slow down the legislative process.
Each layer addresses distinct aspects of the digital economy—ensuring fair competition, enhancing cybersecurity, promoting transparency in online platforms, and setting guardrails for AI development and deployment. Together, these regulations form a cohesive yet intricate stack designed to uphold fundamental rights, foster market fairness and resilience, and mitigate systemic risks in the digital ecosystem.
However, while this regulatory framework is meant to address the challenges posed by data-driven business models, algorithmic decision-making, and artificial intelligence, its effectiveness depends not just on individual layers but also on their interactions, and—perhaps most critically—on the strength and consistency of enforcement across diverse sectors.
While maintaining a strong focus on the foundational data protection layer, this Summer Academy will provide participants with an in-depth exploration of the EU Data Reg Stack, analyzing its structure, objectives, and enforcement challenges. Through expert-led discussions and interactive sessions, participants will engage with key questions, including:
- How do different layers reinforce or challenge each other?
- What are the key implications for stakeholders?
- How are enforcement bodies handling conflicts and ambiguities across layers?
- Where are the gaps?
Additionally, participants will compare the EU Data Reg Stack with emerging regulatory frameworks worldwide, including those in South America, Asia, and the UK, assessing similarities, differences, and lessons to be learned.
By the end of the program, participants will have a comprehensive understanding of the main pillars of the EU’s digital rulebook, the challenges of regulatory enforcement, and the evolving global landscape of digital governance.
Certificate: At the end of the course, each participant will receive a certificate indicating their completion of the program.
IAPP: Members of the International Association of Privacy Professionals (IAPP) can obtain CPEs for attending the Brussels Privacy Hub Summer Academy 2025. (check the link for instructions).
Registration Fee:
The registration fee includes course participation and seminar materials.
€1800 Regular
€1400 Former BPH Summer Academy Attendees and Consumer Leadership Academy attendees
€900 Reduced PhD Student Fee (subject to verification of PhD student status)
Contact:
In case of doubt, contact us at BPHSummerAcademy [at] vub [dot] be