Brussels Privacy Hub Summer Academy 2025 cover image
June 16, 2025 at 8:45 PM — June 16, 2025 at 9:30 PM
Keynote: Expectations and Realities: Managing Data and AI Challenge

Thibault will explore the practical challenges of governing data and artificial intelligence, with a particular focus on privacy issues. Drawing on his expertise in entrepreneurship, data sciences and ethics in this matter, he will share a wide range of insights.

Thibault Helleputte picture
Thibault Helleputte
June 16, 2025 at 9:30 PM — June 16, 2025 at 11:00 PM
From Data to Models: Governing Personal Data in the Age of AI

As AI systems become more powerful and pervasive, questions around how we govern personal data—especially sensitive or special category data—are more urgent than ever. This lecture explores the evolving legal frameworks for handling personal data and the models built on it, examining how current rules align (or clash) with the realities of AI development and deployment.

Sophie Stalla-Bourdillon picture
Sophie Stalla-Bourdillon
Michaël Van den Poel picture
Michaël Van den Poel
Andres Algaba picture
Andres Algaba

Coffee break

June 16, 2025 at 11:35 AM — June 16, 2025 at 12:45 PM
Panel: GDPR Challenges in the AI Era: Time for a Reset?

The GDPR remains a global benchmark for data protection—but is it still fit for purpose in the age of AI? This panel will focus on the principle of lawfulness and examine how the GDPR applies to the training and deployment of AI systems. As the EU’s simplification agenda gains momentum, the panel will then zoom out and broaden the analysis to explore what meaningful interventions could be considered to strike the right balance between legal certainty, innovation, and the effective protection of fundamental rights.

Pablo Trigo Kramcsák picture
Pablo Trigo Kramcsák
Natascha Gerlach picture
Natascha Gerlach
Kai Zenner picture
Kai Zenner

Lunch Break

June 16, 2025 at 2:00 PM — June 16, 2025 at 3:00 PM
Exploring the Reuse of Health Data under the EHDS
Prof. Dr. Paul Quinn picture
Prof. Dr. Paul Quinn
June 16, 2025 at 3:00 PM — June 16, 2025 at 5:00 PM
Workshop: Sensitive Processing in the Workplace
Vicenzo Tiani picture
Vicenzo Tiani
June 17, 2025 at 9:00 PM — June 17, 2025 at 10:00 PM
Data Overlaps: The Intersection of Trade Secrecy and Data Law

This lecture offers an overview of multiple legal regimes overlapping on data. In particular, it addresses the contested personal-non-personal data dichotomy and sheds light on how trade secrecy intersects secondary law on data, including the GDPR, the Data Act and the Health Data Space Regulation.

Tommaso Fia picture
Tommaso Fia
June 17, 2025 at 10:00 AM — June 17, 2025 at 11:15 AM
The Future of the Data Privacy Framework
Rowin Jansen picture
Rowin Jansen

Coffee break

June 17, 2025 at 11:45 AM — June 17, 2025 at 1:00 PM
Panel: Data Without Borders? Navigating Transfers in a Geopolitical Storm

Data transfers across borders are getting harder to manage—caught between fast-moving tech, shifting rules, and rising geopolitical tensions. As governments push for greater strategic autonomy over their digital infrastructure and data, balancing openness with control has never been more complex. This panel explores the challenge from three angles: how the European Commission is reviewing and updating its tools to keep transfers legal and workable, how the OECD’s “Data Free Flow with Trust” initiative aims to build global alignment (especially around financial and payment data), and what key trade-offs emergingin practice—zooming in on health data and the role of safeguards like anonymisation and pseudonymisation.

Estelle Massé picture
Estelle Massé
Giuseppe Bianco picture
Giuseppe Bianco

Lunch Break

June 17, 2025 at 2:00 PM — June 17, 2025 at 5:00 PM
Workshop: The Duties of Data Controllers
Nikolaos Theodorakis picture
Nikolaos Theodorakis
June 18, 2025 at 9:00 AM — June 18, 2025 at 10:00 AM
The Cyber Resilience Act
Claudio Teixeira picture
Claudio Teixeira
June 18, 2025 at 10:00 AM — June 18, 2025 at 11:15 AM
Unlocking Access: Legal Entitlements and Obligations in Chapter II of the Data Act
Muhammed Demircan picture
Muhammed Demircan
Heidi Waem picture
Heidi Waem
Simon Verschaeve picture
Simon Verschaeve

Coffee break

June 18, 2025 at 11:45 AM — June 18, 2025 at 1:00 PM
Panel: Cybersecurity and Strategic Autonomy: Can the EU Have Both under NIS2?

As the EU advances its cybersecurity ambitions through the implementation of the NIS2 Directive, important questions arise about how these strengthened regulatory requirements align with the Union’s broader goal of achieving strategic autonomy in the digital sphere. This panel will take stock of the current state of NIS2 transposition and implementation, assess whether it effectively addresses the fragmentation and inconsistencies observed under NIS1, and examine whether the push for enhanced cybersecurity—through improved risk management, incident reporting, and supply chain security—can be successfully aligned with efforts to reduce reliance on foreign technologies and external actors.

Eyup Kun picture
Eyup Kun
Sebastijan Čutura picture
Sebastijan Čutura
Stéphan André picture
Stéphan André
Boryana Hristova-Ilieva picture
Boryana Hristova-Ilieva

Lunch Break

June 18, 2025 at 2:00 PM — June 18, 2025 at 5:00 PM
Workshop: Navigating Data Sharing under the Data Act: Practical insights

This workshop explores practical applications of data sharing under the EU Data Act Regulation through a series of case studies. Participants will examine how the Regulation facilitates access to and reuse of data across sectors, identify challenges in implementation, and discuss potential legal and governance implications. The workshop encourages interactive dialogue between participants to draw actionable insights from real-world examples.

Barbara Lazarotto picture
Barbara Lazarotto
Maciej Skonieczka picture
Maciej Skonieczka
June 19, 2025 at 9:00 AM — June 19, 2025 at 10:30 AM
Panel: Safeguarding Minors Online: Age Assurance, Platform Responsibilities, and Fair Digital Practices

With the Digital Services Act (DSA) introducing new obligations for online platforms—and new guidelines on Article 28 expected from the European Commission—the protection of minors is now at the forefront of the EU's digital policy agenda. This panel will examine how best to safeguard young users online, drawing on the DSA, EU data protection, and consumer law frameworks. It will explore the effectiveness and limitations of current age verification and assurance methods, alongside the broader responsibilities of platforms to mitigate risks. What legal and technical measures are truly fit for purpose—and how can different regulatory approaches work together to create an age-appropriate digital environment for children and teens?

Janine Patricia Santos picture
Janine Patricia Santos
Urs Buscke picture
Urs Buscke
Desara Dushi picture
Desara Dushi
Leanda Barrington-Leach (Ms) picture
Leanda Barrington-Leach (Ms)
June 19, 2025 at 10:30 AM — June 19, 2025 at 11:30 AM
Systemic Risk Assessment under the DSA
Aleksandra Kuczerawy picture
Aleksandra Kuczerawy

Coffee break

June 19, 2025 at 12:00 PM — June 19, 2025 at 1:00 PM
Risk Assessment under the AI Act
Gianclaudio Malgieri picture
Gianclaudio Malgieri

Lunch Break

June 19, 2025 at 2:00 PM — June 19, 2025 at 4:00 PM
Meeting the European Commission: Discussing DSA & AI Act Enforcement

Join representatives from the European Commission for an in-depth discussion on the enforcement of the Digital Services Act (DSA) and the AI Act. This session will provide insights into the Commission’s priorities, challenges, and upcoming actions in overseeing these landmark regulations. Whether you are a policymaker, practitioner, or researcher, this is a rare opportunity to engage directly with those shaping the enforcement landscape of digital regulation in the EU.

June 19, 2025 at 6:00 PM — June 19, 2025 at 7:00 PM
An Evening Tea at the EDPS: Reflections on Data Protection Enforcement

Following the meeting at the European Commission, the Summer Academy will head to the EDPS headquarters for an exclusive evening gathering where we will reflect on the past and future of data protection enforcement. Over tea and informal discussions, we will explore key challenges regulators face, lessons learned from enforcement actions, and the evolving role of data protection authorities in a rapidly changing digital world.

Networking Drinks & Tapas Reception

Following the EDPS discussion, we invite you to continue the conversation over drinks and tapas in a relaxed setting. This networking session will provide a fantastic opportunity to connect with fellow participants in an informal and engaging atmosphere.

June 20, 2025 at 9:00 AM — June 20, 2025 at 10:00 AM
The Brussels effect as regulatory performance: a deep dive into Brazil’s data protection landscape

This session explores how Brazil’s General Data Protection Law (LGPD) reflects and diverges from European data protection norms, particularly under the influence of the Brussels Effect. We’ll unpack regulatory convergences, institutional developments, and Brazil’s role in the global data governance debate.

Lucas Anjos picture
Lucas Anjos
June 20, 2025 at 10:00 AM — June 20, 2025 at 11:00 AM
Deep Dive into UK Law
Henry Pearce picture
Henry Pearce

Coffee break

June 20, 2025 at 11:15 AM — June 20, 2025 at 12:15 PM
Deep Dive into Chinese Law
Wenlong Li picture
Wenlong Li
June 20, 2025 at 12:15 PM — June 20, 2025 at 1:00 PM
Closing Keynote: AI, Big Data & Data Protection: The Legal Battleground
Hielke Hijmans picture
Hielke Hijmans