Participant log-in

8:45 h. – 9:00 h.

Welcoming message

9:00 h. – 10:00 h.
10:00 h. – 10:10 h.

Keynote Speech (I): Technological evolution: human intervention in mass data processing

10:10 h. – 10:40 h.
Presenter: Elizabeth Coombs, Associate Professor at University of Malta.
Keynote speaker: Jennifer King, Privacy and Data Policy Fellow at Stanford University.

The evolution of information technologies has allowed massive data processing to be carried out in a simple way, which has meant new risks that include fundamental aspects of the individual and issues that belong to their most intimate and private sphere. The technological advance nowadays allows us to profile the population in an automated way without an exhaustive analysis of the impact that this profiling generates on the development of human beings.

The importance of humans generating neutral, equitable algorithms with a human rights perspective is one of the significant challenges we face today. It is necessary to guarantee that there are mechanisms that allow human intervention in decision-making that could be far-reaching and safeguard human rights in the digital age.

  • What are the consequences for human development from this perspective?
  • What should be taken into account, from a human rights perspective, to develop and adopt new technologies?
  • How do we protect human rights as we make use of information technologies?
  • Is there a limit to the implementation of automated decisions?
Elizabeth CoombsElizabeth Coombs
Jennifer KingJennifer King

Panel I: Data Protection and Human Rights: Mass surveillance by facial recognition and analysis of metadata

10:45 h. – 11:45 h.
Moderator: Omar Seghrouchni, President of the National Supervisory Commission for the Protection of Personal Data of Morocco.
1. Heng Xu, Professor and Director of Kogod Cybersecurity Governance Center at Kogod School of Business
2. Claudia del Pozo, Director of the Eon Resilience Lab at C Minds
3. Brenda Leong, Senior Counsel and Director of Artificial Intelligence and Ethics at Future of Privacy Forum
4. Ann Cavoukian, Executive Director at Global Privacy and Security by Design Centre

The right to privacy also protects the ability of the human being to travel in public spaces without being monitored or identified. Mass surveillance through facial recognition technologies violates this and other human rights. The metadata analysis allows monitoring and generating profiles of human beings in the digital era, allowing their identification; however, these technologies have repeatedly proven the need for improvement by incorporating the protection of personal data and other human rights into their policies.

Through statements made by various experts, these technologies are far from perfect and are often ineffective in carrying out the tasks for which they were designed.

  • What should the principles for the design of algorithms from a human rights perspective be?
  • What are the implications for privacy and free movement with the implementation of these technologies?
  • Could metadata analysis be the equivalent of mass surveillance at the digital level?
  • Under what assumption would the use of facial recognition technologies be correct and legal?
Omar SeghrouchniOmar Seghrouchni
Heng XuHeng Xu
Claudia del PozoClaudia del Pozo
Brenda LeongBrenda Leong
Ann CavoukianAnn Cavoukian
11:45 h. – 11:55 h.

Keynote Speech (II): Privacy and Pandemic COVID-19: Vaccine Passports and Similiar Certificates

11:55 h. – 12:25 h.
Presenter: Elizabeth Denham, UK Information Commissioner and Chair of the GPA.
Keynote speaker: Alessandra Pierucci, Chair of the Committee of Convention 108 at Council of Europe.

One of the consequences left by the COVID-19 pandemic resulted in the proposal by some regulators to issue and request documents or certificates that prove the immunization and good health of their population and foreigners who visit their jurisdictions.

However, the handling of this sensitive personal data implies a severe and latent risk of discrimination. Never before in history has it been considered to subordinate the free movement of people with the aspects mentioned above. There is no in-depth analysis of the consequences in the medium and long term of implementing said measures or whether they will be effective even though they may violate privacy and other possible human rights.

  • Is there a proportional relationship between the measure adopted and the protection of personal data?
  • Under what standard would the implementation of this measure be plausible?
  • Is there the possibility of implementing this measure incorporating privacy by design and by default?
Elizabeth DenhamElizabeth Denham
Alessandra PierucciAlessandra Pierucci

Panel II: Promotion of an ethical approach into organizations

12:30 h. – 13:30 h.
Moderator: Raymund Liboro, Privacy Commissioner and Chairman of the National Privacy Commission of Philippines.
1. Stephen Bonner, Executive Director of Regulatory Futures and Innovation at the Information Commissioner's Office UK
2. Irina Raicu, Director of the Internet Ethics Program of the Markkula Center for Applied Ethics
3. Constanza Gómez Mont, Founder and President at C Minds
4. Bojana Bellamy, President at Hunton Andrews Kurth LLP´s Centre for Information Policy Leadership (CIPL)

The constant technological evolution, the underfunding of regulatory bodies and the massive use of information have led to the regulatory bodies not always keeping up with technological progress. This situation entails implications for the adequate fulfilment of data protection rights and the human right of protecting privacy; however, complementary mechanisms are raised to face unforeseeable situations. The current legal frameworks and regulations leave some space for ethical principles to boost compliance efforts.

From this perspective, through the use of an ethical approach in regulatory and normative frameworks, flexible implementations adapted to new technological innovations can be built guaranting personal data protection from its design.

  • Should ethical frameworks be mandatory under any circumstances?
  • Which components of ethics should be considered in the development of recommendations and self-regulatory frameworks?
  • Who should apply the oversight mechanism to oversee the proper implementation of these ethical frameworks?
  • What progress has been made since the 2018 GPA by all stakeholders, including data protection and privacy authorities, to develop ethical dimensions to compliance frameworks in AI?
Raymund LiboroRaymund Liboro
Stephen BonnerStephen Bonner
Irina RaicuIrina Raicu
Constanza Gómez MontConstanza Gómez Mont
Bojana BellamyBojana Bellamy
Lunch Break
13:30 h. – 14:30 h.
Parallel Sessions I - V

I. Data Analytic users: considerations in privacy

14:30 h. – 16:30 h.
Moderator: Steve Wood, Deputy Commissioner at the Information Commissioner's Office, UK.
1. Eduardo Ustarán, Global Co-Head at Hogan Lovells Privacy and Cybersecurity
2. Daniel Leufer, Europe Policy Analyst at Access Now
3. David Banisar, Senior Legal Counsel at ARTICLE 19
4. Lucie Audibert, Legal Officer at Privacy International
5. Caitlin Fennessy, VP & Chief Knowledge Officer at IAPP
6. Ed Britan, Vice President, Associate GC, Head of Global Privacy at Salesforce

In the field of technological innovation, the way of doing business is changing rapidly. It has modified practices in most industrial sectors, which has benefited companies in better and informed decision-making regarding services or products.

Therefore, it is vital to know precisely how data analysis shapes a company's decision-making. What evidence must be considered regarding privacy in the design process and the experience offered to users?

  • What is data analytics?
  • How this data analysis can be used to become a powerful information tool?
  • What are the effects identified in terms of user privacy?
  • How could privacy by design and by default schemes be established to guarantee the protection of data protection this right?
  • Are there specific considerations regarding services and products for minor users?
Steve WoodSteve Wood
Eduardo UstaránEduardo Ustarán
Daniel LeuferDaniel Leufer
David BanisarDavid Banisar
Lucie AudibertLucie Audibert
Caitlin FennessyCaitlin Fennessy
Ed BritanEd Britan

II. United Nations Agenda 2030: The protection of personal data

14:30 h. – 16:30 h.
Moderator: Adrián Alcalá Méndez, INAI Commissioner.
1. Massimo Marelli, Head of Data Protection Office at the International Committee of the Red Cross (ICRC)
2. José Luis Rodríguez Álvarez, President of the Council for Transparency and Good Governance of Spain
3. Carmela Troncoso, Head of the SPRING Lab and Assistant Professor at EPFL (Switzerland)
4. Mariana Salazar Albornoz, Member of the Inter-American Juridical Committee of the Organization of American States
5. Mila Romanoff, Data Policy and Governance Lead at United Nations

The COVID-19 pandemic has become a global emergency with devastating consequences of loss of life and economic contraction, which significantly impedes progress towards achieving the United Nations Sustainable Development Goals.

There is growing evidence that data collection, use, dissemination, and processing can help limit the spread of the virus and speed recovery, primarily through digitally locating contacts.

  • What is the future of privacy and data protection in a health emergency environment in the future?
  • How to guarantee the protection of these rights with the support of the UN and the SDG with a view to the year 2030?
  • Is it necessary to include a specific objective within this 2030 agenda, or should the protection and guarantee of these rights be mainstreamed?
  • Which will be the role of vaccination certificates and similar and how to ensure these documents do not violate our persona data?
Adrián Alcalá MéndezAdrián Alcalá Méndez
Massimo MarelliMassimo Marelli
José Luis Rodríguez ÁlvarezJosé Luis Rodríguez Álvarez
Carmela TroncosoCarmela Troncoso
Mariana Salazar AlbornozMariana Salazar Albornoz
Mila RomanoffMila Romanoff

III. Inclusive Policies: Poverty and marginalization sectors in the protection of personal data

14:30 h. – 16:30 h.
Moderator: Óscar Mauricio Guerra Ford, INAI Commissioner.
1. Gabriela Zanfir Fortuna, Vice President for Global Privacy at Future of Privacy Forum
2. Valeria Milanes, Executive Director of ADC (Asociación por los Derechos Civiles), Argentina
3. Fredesvinda Montes, Senior Financial Sector Specialist at World Bank
4. Malavika Raghavan, Senior Fellow for India at Future of Privacy Forum
5. Gianclaudio Malgieri, Associate Professor of Law and Technology at the Augmented Law Institute of EDHEC Business School (Lille)

Today, growing technological innovation and unlimited access to the internet have not benefited all sectors of the population in our countries. There is still an essential lag resulting from the digital divide that must now be put at the center of the discussion.

The poverty and marginalization existing in our nations mean that not all people enjoy the same benefits and protection of their personal data. We must pay attention and prioritize the most vulnerable sectors that also become targets of violations more easily. On the one hand, considering those who do not have access to these tools. On the other hand, those who have access but do not know how to use them and finally, the quality of use based on the differences between users.

  • How to guarantee the implementation of inclusive policies that are key to disseminating and ensuring data protection and privacy rights in these population sectors?
  • What should be the main points to consider in these policies to give certainty to these vulnerable sectors?
  • What are the best practices identified that could be adopted to guarantee the access and use of these technologies, and what would be the impact on protecting privacy rights and data protection?
Óscar Mauricio Guerra FordÓscar Mauricio Guerra Ford
Gabriela Zanfir FortunaGabriela Zanfir Fortuna
Valeria MilanesValeria Milanes
Fredesvinda MontesFredesvinda Montes
Malavika RaghavanMalavika Raghavan
Gianclaudio MalgieriGianclaudio Malgieri

IV. Regional cooperation in mattters of privacy and personal data

14:30 h. – 16:30 h.
Moderator: Francisco Javier Acuña Llamas, INAI Commissioner.
1. Clarisse Girot, Director for Asia Pacific at Future of Privacy Forum
2. Yeong Zee Kin, Deputy Commissioner at Personal Data Protection Commission, Singapore
3. Danilo Doneda, Board Member at International Association of Privacy Professionals
4. Javier López González, Senior Trade Policy Analyst at OECD
5. Caroline Louveaux, Chief Privacy Officer at Mastercard

As data transfer has become an accelerator of the economy and has demonstrated efficiency and quality in the results obtained, combined with the implementation of various regulations on data protection around the world, it is necessary to make a balance and highlight what have been the legislative innovations and the best practices implemented by the different authorities to guarantee the adequate and free flow of data.

  • What legislative measures or updates have led to the free and adequate data flow in your region?
  • Which measures or innovations could be considered good practices to facilitate the secure exchange of data?
  • Do you consider that the diversity of existing standards generates trust and effectiveness in data transfer, or it has become an additional requirement for companies to meet?
Francisco Javier Acuña LlamasFrancisco Javier Acuña Llamas
Clarisse GirotClarisse Girot
Yeong Zee KinYeong Zee Kin
Danilo DonedaDanilo Doneda
Javier López GonzálezJavier López González
Caroline LouveauxCaroline Louveaux

V. A cross-regional conversation: effective tools for secure-free data flows

14:30 h. – 16:30 h.
Moderator: Cristopher Ballinas Valdés, Director General for Human Rights and Democracy, Ministry of foreign Affairs, México.
1. Nelson Remolina Angarita, Deputy Superintendent for Data Protection, Superintendence of Industry and Trade of the Republic of Colombia
2. Andrea Jelinek, Chair of the European Data Protection Board
3. Marguerite Ouedraogo Bonane, President of the Commission for Information Technology and Civil Liberties of Burkina Faso
4. José Luis Piñar Mañas, Vice-rector for International Affairs of the CEU University of San Pablo Madrid, Former Director of the Spanish Data Protection Agency.

Over time, it has been shown that working in cooperation networks facilitates understanding and leads to establishing objectives and results of common interest to its members. In terms of privacy and data protection, there are currently various networks of data protection authorities that exchange knowledge, good practices and provide guidance and follow-up on common problems at the regional or international landscape.

  • What strategies or regulations are necessary to achieve a global convergence that guarantees personal data and privacy protection?
  • What are the benefits and achievements derived from networking?
  • What are the difficulties and challenges faced by the members of these work networks to obtain the expected results and achievements?
Cristopher Ballinas ValdésCristopher Ballinas Valdés
Nelson Remolina AngaritaNelson Remolina Angarita
Andrea JelinekAndrea Jelinek
Marguerite Ouedraogo BonaneMarguerite Ouedraogo Bonane
José Luis Piñar MañasJosé Luis Piñar Mañas

End of the first day

16:30 h.

Participant log-in

8:15 h. – 8:30 h.

Summary of the first day

8:30 h. – 8:55 h.
Presenter: Norma Julieta del Río Venegas, INAI Commissioner.
Norma Julieta del Río VenegasNorma Julieta del Río Venegas

Keynote Speech (III): Data Flows with Trust

9:00 h. – 9:30 h.
Presenter: Jonathan Mendoza Iserte, Personal Data Protection Secretary at INAI.
Keynote speakers:
1. Mieko Tanno, Chairperson of the Personal Information Protection Comission of Japan
2. Bruno Gencarelli, Head of Data Flows and Protection Unit at the European Commission

Ensuring free flow of data across borders is important to make the best use of data, and “trust” that privacy and data protection will not be wavered even if data is transferred across borders is essential.

Jonathan Mendoza IserteJonathan Mendoza Iserte
Mieko TannoMieko Tanno
Bruno GencarelliBruno Gencarelli

Panel III: The future of privacy and technology: challenges and possible solutions

9:30 h. – 11:00 h.
Moderator: Wojciech Wiewiórowski, European Data Protection Supervisor.
1. Erin Egan, VP of Public Policy and Chief Privacy Officer for Policy
2. Jane Horvath, Chief Privacy Officer at Apple
3. Keith Enright, Chief Privacy Officer Google
4. Damien Kieran, Chief Privacy Officer at Twitter
5. Andrew Clearwater, Chief Trust Officer at One Trust

Explanation of the next technology and data drivers, privacy challenges and solutions.

Privacy by Design, Privacy by Default and Accountability as key elements to guarantee the proper compliance with data protection and privacy legislation.

Wojciech WiewiórowskiWojciech Wiewiórowski
Erin EganErin Egan
Jane HorvathJane Horvath
Keith EnrightKeith Enright
Damien KieranDamien Kieran
Andrew ClearwaterAndrew Clearwater
11:00 h. – 11:10 h.

Keynote Speech (IV): Artificial Intelligence and Democratic Values: The Role of Data Protection

11:15 h. – 11:45 h.
Presenter: Josefina Román Vergara, INAI Commissioner.
Keynote speaker: Marc Rotenberg, President and Founder at Center for AI and Digital Policy.

As AI techniques are more widely deployed, new challenges to democratic values and fundamental rights have emerged. International organizations and national governments have set out new policy frameworks to respond to these challenges. But the core principles of "fairness, accountability, and transparency” in these policy frameworks are familiar to those in the data protection field. This talk will examine the unique responsibilities of Data Protection Agencies in the realm of AI policy. Building on a global study of AI policies and practices in 30 countries, Marc Rotenberg will describe the relationship between AI policies and democratic values and how public officials will need to establish a strong foundation for data protection to ensure the development of trustworthy and human-centric AI. The alternative will be a world of “Inverted accountability,” with machines making "black box" decisions about people, unexplainable, unaccountable, and without human control.

  • What steps should DPAs take to address the growing challenges of AI and the Internet of Things?
  • How important are Algorithm Impact Assessments?
  • What is the relationship between the GDPR and AI policy instruments?
  • Which new challenges does AI present that are not sufficiently covered in data protection law?
  • Which challenges are most pressing and should be prioritized by privacy agencies?
Josefina Román VergaraJosefina Román Vergara
Marc RotenbergMarc Rotenberg

Panel IV: The challenge of compliance: The perspective of Data Protection Officers

11:45 h. – 12:45 h.
Moderator: John Edwards, New Zealand's Privacy Commissioner.
1. Lara Kehoe Hoffman, Vice President, Data Privacy and Security (Legal) and Global Data Protection Officer at Netflix
2. Barbara Cosgrove, Vice president and Chief Privacy Officer at Workday
3. Anna Zeiter, Associate General Counsel and Chief Privacy Officer at eBay
4. Takeshige Sugimoto, Managing Partner and a founding partner of S&K Brussels

The role of Data Protection Officers is becoming increasingly relevant in companies. The new business models take massive data as an essential part of decision-making since Big Data, AI, IoT, and social networks are the latest marketing and promotion channels for their products, services, and brands.

In this sense, the volumes of personal data stored in companies have increased, the processes and procedures through which data are collected, and those that use these for their operation. It is here where the privacy officer has an essential role in ensuring the due protection of personal data from different perspectives and judgments, while continuing to respond with solutions that allow the use of data for their companies.The privacy officer must now ensure that the processing of personal data protects the interests of the data subject.

  • What are the challenges facing technologies that make intensive use of personal data?
  • What are the challenges of adapting a data protection model to multiple jurisdictions and regulations?
  • What obstacles must they overcome to enable the cross-border flow of data between related parties?
John EdwardsJohn Edwards
Lara Kehoe HoffmanLara Kehoe Hoffman
Barbara CosgroveBarbara Cosgrove
Anna ZeiterAnna Zeiter
Takeshige SugimotoTakeshige Sugimoto
12:45 h. – 12:55 h.

Keynote Speech V: Normative convergence to the establishment of international standards for the effective protection of a human right

13:00 h. – 13:30 h.
Presenter: Francisco Javier Acuña Llamas, INAI Commissioner.
Keynote speaker: Elizabeth Denham, UK Information Commissioner and Chair of the GPA

In a hyper-connected world, where the internet knows no borders or jurisdictions, it is increasingly common to find managers who process data simultaneously in every part of the world. It implies a new challenge for data protection personnel and the authorities in charge of guaranteeing this right. There are multiple cases of application of the various regulations in different jurisdictions that often make proper supervision and, where appropriate, sanction for violations of regulations impossible.

In this scenario, the need to speak a common language of personal data allows the adoption of similar or identical principles and provisions in all regions. To achieve normative convergence it is necessary to establish international standards that guarantee adequate protection of human rights, such as protecting personal data and privacy, in the same way and with the same guarantees, at all borders.

  • What is the main obstacle to achieving regulatory convergence on the protection of personal data?
  • What mechanisms could be helpful to achieve normative convergence?
  • Is the application of international collaboration schemes necessary to achieve normative convergence?
Francisco Javier Acuña LlamasFrancisco Javier Acuña Llamas
Elizabeth DenhamElizabeth Denham

Panel V: The status of COE 108+ and the prospects of a COE Treaty on AI

13:30 h. – 14:30 h.
Moderator: Veronique Ciminà, Legal Officer at the European Data Protection Supervisor Office.
1. Gonzalo Sosa Barreto, Data Protection Coordinator at the Regulatory and Control of Personal Data Unit (Uruguay)
2. Alessandro Mantelero, Professor of Private Law and Technology at University of Turin​
3. Paul Breitbarth, Director, Global Policy & EU Strategy at Trust Arc​
4. Jean-Philippe Walter, Data Protection Commissioner at Council of Europe

The panel will explore the new regulation on artificial intelligence implemented in the European Union and will analyze how this new regulation is related to Convention 108+ of the Council of Europe. In recent years, the development of artificial intelligence has accelerated, so the objective of this regulatory convergence will be to build trust to generate confidence in the users of these technological innovations while guaranteeing the protection of their personal data and privacy rights. and privacy.

  • What are the unacceptable risks under the new regulation on Artificial Intelligence?
  • What is the key to achieving the effective guarantee of the data protection and privacy rights under Convention 108+ of the Council of Europe and the regulations that govern regulate artificial intelligence?
  • Does the ban on the use of artificial intelligence become an obstacle to the development of technological innovation in favor of its users?
Veronique CiminàVeronique Ciminà
Gonzalo Sosa BarretoGonzalo Sosa Barreto
Alessandro ManteleroAlessandro Mantelero
Paul BreitbarthPaul Breitbarth
Jean-Philippe WalterJean-Philippe Walter
Lunch Break
14:30 h. – 15:30 h.
Parallel Sessions VI - X

VI. Consummer Rights, E-commerce and Privacy Challenges

15:30 h. – 17:30 h.
Moderator: Josefina Román Vergara, INAI Commissioner.
1. Andrés Barreto, Chair of the Ibero-american Network for Data Protection, National Superintendent for Industry and Trade of the Republic of Colombia
2. Isabel Davara, Secretary of the Internet MX Association (AIMX)
3. Alessandro Acquisti, Professor of Information Technology and Public Policy at the Heinz College, Carnegie Mellon University
4. Jules Polonetsky, Chief Executive Officer at the Future of Privacy Forum
5. Jennifer Urban, Clinical Professor of Law at the University of California, Berkeley School of Law

In recent years, the digital economy has grown considerably worldwide. Digital businesses that use social networks and platforms with free messaging and email services, as well as the increasingly growing electronic commerce and financial services through the internet, broadband networks, mobile applications, communication, and all technological tools in general, radically transform the nature of commerce, creating new spaces and means to satisfy consumer needs.

  • What are the principles and guarantees that must be implemented for data protection in electronic commerce?
  • What are the tools that you consider strictly necessary for any operation carried out by electronic means?
  • What do you think of a possible regulatory convergence that guarantees the privacy and protection of personal data of electronic commerce users and at the same time safeguards consumer rights?
  • What is your position regarding the fact that some powers of data protection authorities may fall to specific consumer authorities?
Josefina Román VergaraJosefina Román Vergara
Andrés BarretoAndrés Barreto
Isabel DavaraIsabel Davara
Alessandro AcquistiAlessandro Acquisti
Jules PolonetskyJules Polonetsky
Jennifer UrbanJennifer Urban

VII. Smart Cities and Mobility Hubs

15:30 h. – 17:30 h.
Moderator: Trevor Hughes, President and CEO of the International Association of Privacy Profesionals (IAPP).
1. Amanda Clarke, Associate Professor at Carleton University
2. Omer Tene, Partner at Boston Office of Goodwin, Data, Privacy & Cibersecurity
3. Kelsey Finch, Senior Counsel at the Future of Privacy Forum
4. Bruno Bioni, Director-Founder of Data Privacy Brasil
5. Merlin Chatwin, Interim Executive Director at Open North
6. Suzanne Hoadly, Senior Manager with the POLIS Network

Each technological development has represented a challenge to privacy and the protection of personal data. The introduction of technological innovations in the easily accessible digital market has attracted many more users, which means more effective treatment and use of data. Therefore, it should offer the best practices in terms of privacy. Smart cities where public and private services feed on their citizens' data lead us to rethink privacy in our environment.

  • What are the benefits and advantages of the data processing of users who use mobility tools and their involvement in implementing smart cities projects?
  • What best design and default practices guarantee data protection and privacy in cities that offer digital services to their citizens?
  • What are the effects of users from the use of the internet of things, macro data, and computing in the cloud as elements of a smart city?
Trevor HughesTrevor Hughes
Amanda ClarkeAmanda Clarke
Omer TeneOmer Tene
Kelsey FinchKelsey Finch
Bruno BioniBruno Bioni
Merlin ChatwinMerlin Chatwin
Suzanne HoadlySuzanne Hoadly

VIII. Issues concerning the processing of personal data in the electoral arena

15:30 h. – 17:30 h.
Moderator: Colin Bennett, Professor at University of Victoria.
1. Michael McEvoy, Information and Privacy Commissioner for British Columbia
2. Tobias Judin, Head of International, Norwegian Data Protection Autorithy
3. James Dipple-Johnstone, Chief Regulatory Officer ICO

In recent years, the exercise of our political-electoral rights has begun to be achieved using various digital services that, through the processing and collection of personal data, allow the profiling of users based on the opinions issued or their activity in line to influence and eventually manipulate their views and political positions. The new way of conducting electoral campaigns through the management of social networks has had a considerable increase, derived from the diversity of techniques that can be used to achieve the expected objectives so that personal data becomes a fundamental piece for these processes. Therefore, it is necessary to innovate in the existing regulatory frameworks that apply both to the actions of the candidates and the behavior of the technology industry.

  • What would be the considerations to take into account in the normative regulation for the processing of personal data during electoral processes?
  • What is the role of the personal data protection authorities in terms of the specific powers that correspond to the electoral authorities?
  • What are the recommendations for the technological innovation sector?
  • What measures or protocols should digital services operate that can be used as the primary source of dissemination of electoral campaigns?
  • What protocols must regulate the prohibition of false content, and what would be a model process for digital services to report and give attention to these complaints?
Colin BennettColin Bennett
Michael McEvoyMichael McEvoy
Tobias JudinTobias Judin
James Dipple-JohnstoneJames Dipple-Johnstone

IX. Digital Identity: Digital Rights and Privacy impacts in a hiper-connected society

15:30 h. – 17:30 h.
Moderator: Estelle Masse, Senior Policy Analyst and Global Data Protection Lead at Access Now.
1. María Paz Canales, Global Policy Advisor at Derechos Digitales, Chile
2. Anita Allen, Professor at University of Pennsylvania
3. Ulrich Kelber, Federal Commissioner for Data Protection and Freedom of Information, Germany
4. Jesús Rubí, Coordinator of Institutional relationship and of the Support Unit
5. Leonardo Cervera Navas, Director at European Data Protection Supervisor Office

In an increasingly connected society, digital identity becomes the version of physical identity that a person shows online and that is made up of all the information that each user provides on the network such as photographs, bank details, health data, email, profession, among others. Likewise, digital identity is integrated with information from the digital trail that we leave on the internet from our searches, which allows us to generate specific profiles of ourselves quickly. The foregoing leads us to place our privacy and respect for our digital rights above the benefits we can obtain as a hyper-connected society.

  • What is the relationship between digital identity and the latest technological innovation tools that use artificial intelligence, blockchain, or biometrics?
  • What are the solutions that have been offered to users of online services, and how is the privacy and protection of our personal data guaranteed when companies or governments require online identification to provide their services or purchase products?
  • What are the problems identified from the lack of interoperability and standardization by service providers?
Estelle MasseEstelle Masse
María Paz CanalesMaría Paz Canales
Anita AllenAnita Allen
Ulrich KelberUlrich Kelber
Jesús RubíJesús Rubí
Leonardo Cervera NavasLeonardo Cervera Navas

X. Digital Rights: Fostering Human Rights Through Technology

15:30 h. – 17:30 h.
Moderator: Nuhad Ponce Kuri, President of the Consultive Committe of INAI.
1. Gus Hosein, Executive Director at Privacy International
2. Lorena Naranjo, Legal Director of Privacy and Cyber at Dentons Paz Horowitz, Ecuador
3. Rafael Yuste, Professor at Columbia Universitty
4. Katitza Rodríguez, Director for Global Privacy at Electronic Frontier Foundation

In the digital age, the need to update the existing regulatory frameworks in our societies has become evident to guarantee the adequate protection of users who use digital services. For this reason, there are existing instruments that promote the defense and protection of digital rights that include, among others, access, use, and publication in digital media. The offer of this type of service has increased considerably, so it is necessary to start legislating on this matter to guarantee these and other rights that go hand in hand with freedom of expression and privacy rights.

  • What is the role of the defense of human rights in the face of the excessive and little controlled use of information in the different digital services available today?
  • How to encourage the promotion of human rights from a technological design perspective?
  • How to regulate the traffic of information online, guaranteeing the recognition of these new digital citizenship rights?
Nuhad Ponce KuriNuhad Ponce Kuri
Gus HoseinGus Hosein
Lorena NaranjoLorena Naranjo
Rafael YusteRafael Yuste
Katitza RodríguezKatitza Rodríguez

Giovanni Buttarelli Award

17:30 h. – 17:45 h.

Closing Ceremony of the Open Session of the Global Privacy Aseembly 2021

17:50 h. – 18:00 h.

Delegate registration, log-on / arrival

6:00 h. – 7:00 h.

Welcome Ceremony

7:00 h. – 8:00 h.

Welcome from Mexican presiding commissioner Blanca Lilia Ibarra Cadena

7:00 h. – 7:05 h.

President Commissioner, National Institute for Transparency, Access to Information and Protection of Personal Data (INAI) Mexico

Blanca Lilia Ibarra CadenaBlanca Lilia Ibarra Cadena

Welcome by Congressman Juan Carlos Romero Hicks

7:05 h. – 7:45 h.

Mr. Romero Hicks is currently a private legal, economic and financial consultant, Member of the Board of Trustees of the University of Guanajuato, a Member of the Mexican Council on Foreign Affairs and provides regular national TV and radio commentary in Mexico. Romero Hicks has been decorated by Spain and Brazil and has been recognized by several publications as one of the 100 best CEO's and one of the 300 most influential leaders in Mexico. He is a Member of the Mexican Council of Foreign Affairs. Es un político y educador mexicano miembro del Partido Acción Nacional. Ha fungido como Rector de la Universidad de Guanajuato, Director General del CONACYT y gobernador del estado de Guanajuato. Actualmente es Diputado federal en la LXIV.

Juan Carlos Romero HicksJuan Carlos Romero Hicks

Welcome from the GPA Chair

7:45 h. – 8:00 h.
Elizabeth Denham

GPA Executive Committee Chair and Information Commissioner, Information Commissioner’s Office (ICO), UK

Elizabeth DenhamElizabeth Denham

Governance matters – part I

8:00 h. – 8:10 h.
Accreditation of new GPA Members and Observers

Policy Focus Session 1 – Panel Session: Data Sharing - Innovation

8:10 h. – 8:30 h.
Moderator: Elizabeth Denham

GPA Executive Committee Chair and Information Commissioner, Information Commissioner’s Office, UK

Elizabeth DenhamElizabeth Denham
Networking break
9:30 h. – 10:00 h.

Policy Focus Session 2: Lessons Learnt from COVID-19

11:00 h. – 12:30 h.
Moderator: Raymund E. Liboro

Privacy Commissioner/Chairman, National Privacy Commission, Philippines

Raymund E. LiboroRaymund E. Liboro

Report from the first GPA Reference Panel Chairman

11:30 h. – 11:45 h.
Ulrich Kelber

Federal Commissioner for Data Protection and Freedom of Information, Germany

Ulrich KelberUlrich Kelber
Networking break
11:45 h. – 12:45 h.

Reporting from GPA SDSC and Working Groups

12:45 h. – 13:45 h.

Inc. announcement of adoption of Working Group reports

Networking break
13:45 h. – 14:00 h.

Presentation and adoption of the GPA Strategic Plan 2021 - 2023

14:00 h. – 14:20 h.

End of Day One (GPA Chair)

14:20 h. – 14:30 h.

Delegate registration, log-on

6:00 h. – 7:00 h.

Introductory session, Day Two

7:00 h. – 7:30 h.

GPA Observers to International Organisations Reporting on Activity.

Reporting from other Partner Organisations

7:30 h. – 8:00 h.

Annual Report from the Berlin Group (International Working Group on Data Protection in Technology)

7:30 h. – 7:45 h.

Special Focus Session: Video From the UN Special Rapporteur on Privacy

7:45 h. – 8:00 h.
Parallel Sessions

Capacity Building Workshops

8:30 h. – 9:30 h.
Members/Observers attend either Session 1 or 2 below

Reader note: the GPA Secretariat will send registered delegates an invitation to make their choice of parallel session in early October just before the conference.

Capacity Building Workshop

8:30 h. – 9:30 h.
Focus 1: Enforcement Cooperation – where next from here?

Safe Space Session 1: Panel Discussion

Capacity Building Workshop

8:30 h. – 9:30 h.
Focus 2: Fostering Innovation through engagement

Use of the ‘Regulatory Sandbox’

Networking break
9:30 h. – 10:00 h.

GPA Capacity Building Workshop reports back to plenary

10:00 h. – 10:30 h.
Rapporteurs: nominated by each Workshop Group

Governance matters – part II

10:30 h. – 11:00 h.
  1. Announcement of adoption of 42nd Conference Report 2020
  2. Announcement of the adoption of the GPA Executive Committee Annual Report 2020 - 2021
  3. Announcement of the GPA Executive Committee 2021 - 2022 (Election / Voting results)
Networking break
11:00 h. – 11:30 h.

GPA Resolutions

11:30 h. – 13:00 h.
Discussion and Adoption

Future GPA Host Authority

13:00 h. – 13:15 h.

Closing Ceremony

13:15 h. – 13:30 h.
Elizabeth Denham

GPA Executive Committee Chair and Information Commissioner, Information Commissioner’s Office, UK

Blanca Lilia Ibarra Cadena

President Commissioner, National Institute for Transparency, Access to Information and Protection of Personal Data, INAI, Mexico

Elizabeth DenhamElizabeth Denham
Blanca Lilia Ibarra CadenaBlanca Lilia Ibarra Cadena

October 20

Countdown to session

8:50 h.

Microsoft session "The Organization of American States Updated Principles on Privacy and Personal Data Protection"

9:00 h. – 10:00 h.
Moderator: Manuel Pliego, Government Affairs, Microsoft Mexico.
1. Cristian Fernández, Principal Corporate Counsel, Microsoft México
2. Isabel Davara Fdez. de Marcos, Socia Davara Abogados
3. Mariana Salazar Albornoz, Member of the Inter-American Juridical Committee of the Organization of American States
10:00 h. – 11:00 h.

Facebook session "Experimental AI: Prototyping an AI governance framework in Mexico"

11:00 h. – 13:00 h.
Moderator: Claudia Del Pozo, Director of the Eon Resilience Lab at C Minds.
1. Norberto de Andrade, Global Policy Lead for Digital and AI Ethics at Facebook
2. Paula Vargas, Director of Privacy Policy, LatAm, Facebook
3. César Buenadicha, Chief Discovery Officer at the Inter-American Development Bank
4. Ricardo Baeza-Yates, Research Director at the Institute for Experiential AI at Northeastern University
5. Jonathan Mendoza, Minister of Personal Data Protection at the Federal Institute for Access to Public Information and Data Protection (INAI)
6. Irene Velasco, CEO and co-founder at Helki
7. Ricardo Alanis, Head of data science at Nowports

The increasing need to generate evidence-based policies to bridge tech and regulatory innovation has led to the design and implementation of Open Loop, a global experimental governance program led by Facebook that connects policymakers and technology companies to help develop effective and evidence-based policies around AI and other emerging technologies. The program builds on the collaboration and contributions of a consortium composed of regulators, governments, tech businesses, academics and civil society representatives. Through experimental governance methods, Open Loop members co-create policy prototypes and test new and different approaches to laws and regulations before they are enacted, improving the quality of rulemaking processes in the field of tech policy.

This workshop will provide an overview of Facebook’s Five Pillars of Responsible AI, explain what the Open Loop program is about, and delve into one of its use cases: the prototyping of a normative framework for transparent and explainable AI in Mexico. Insights and lessons- learned from Open Loop Mexico will be shared by different stakeholders in the program, which was led by Facebook and C Minds in collaboration with the Inter-American Development Bank and with the support of the Federal Institute for Access to Public Information and Data Protection in Mexico (INAI). The program also included the participation of 10 Mexican AI companies, some of which will be sharing their Open Loop experience during the session.

October 21

Google session "Privacy-Preserving Technologies: understanding how these techniques can support data availability"

9:00 h. – 10:30 h.
Master of Ceremonies: Lina Ornelas, Head of Government Affairs & Public Policy, Google Mexico, Central America & The Caribbean - Master of Ceremonies
Moderator: José Luis Piñar, Consultant of the TMC department at CMS Albiñana & Suárez de Lezo and Professor of Administrative Law at CEU-San Pablo University of Madrid.
1. Limor Shmerling Magazanik, Managing Director of the Israel Tech Policy Institute
2. Hannah Quay-de la Vallee, Senior Technologist at Center for Democracy & Technology
3. Peter Fleischer, Senior Privacy Counsel, Google

The audience will gain an understanding of how privacy technology offers effective ways to safeguard and enhance individual privacy, while still allowing society to unlock benefits through data availability for upstart companies, researchers, and the government. Google experts will give a series of lightning talks explaining to a non-technical audience how privacy-preserving technology (PPT) works. This will be followed by a panel conversation among policy experts on the role of PPT in policymaking and the future of privacy.

Twitter session "A conversation about our Responsible Machine Learning Initiative"

11:00 h. – 11:30 h.
1. Adela Goberna, Public Policy Manager, Twitter
2. Rumman Chowdhury, Director of ML Ethics, Transparency & Accountability, Twitter
3. Lea Kissner, Head of Privacy Engineering, Twitter

Twitter session "Data and privacy as drivers of innovation and development"

11:30 h. – 13:00 h.
Moderator: Raúl Echeberría, CEO, ALAI
1. Renato Leite Monteiro, Data Protection Counsel Lead, LatAm - Twitter
2. Lina Ornelas, Head of Government Affairs & Public Policy, Google Mexico, Central America & The Caribbean - Master of Ceremonies
3. Paula Vargas, Director of Privacy Policy, LatAm, Facebook
4. Ana Paula Bialer, Ana Paula Bialer, CNet
5. Raúl Arrieta, ACTI
6. Pablo Segura, Data Privacy Director, Mercado Libre

One Trust session "Privacy: 40 Years into the Future"

13:00 h. – 14:00 h.
1. Alexis Kateifides, FIP, CIPP/E, CIPM, Lead Privacy Counsel, OneTrust
2. Juan Carlos A. Calderón, Privacy Officer, LATAM, Deloitte
3. Héctor E. Guzmán Rodríguez, CIPP/E, Partner, Director of Data Protection and Privacy, BGBG -Bello, Gallardo, Bonequi y García, S.C.


Contact Info

Inquiries about GPA2021
[email protected]
Registration doubt
[email protected]