CPDP2017 will stage more than 70 panels and workshops with a stimulating mix of academics, practitioners, regulators and advocates, as well as multiple side events such as open debates, PechaKucha performances and artistic interventions. Some last-minute changes are always possible.

Download the full version of the programme here (PDF, 32 MB). Registered particpants will receive a hard copy in their registration pack on-site.

07.30 - Registration in La Cave

08.15 - Welcome coffee in Le Village

THURSday 26 january 2017 • PETITE halle


academic •• policy •• business ••

organised by Brown University

Chair Achim Klabunde, EDPS (EU)

Moderator Deborah Hurley, Brown University (US)

Panel Rocco Bellanova, University of Amsterdam (NL), Timothy Edgar, Brown University (US), Lucie Krahulcova, AccessNow (BE), Jan Neutze, Microsoft (BE), Katitza Rodriguez, EFF (US)

Although a few pundits have been warning of the risks of cyberwar for some time, 2016 was the year when the wider public began to appreciate, through a wide variety of highly publicized events, the potential threats and impacts of cyberwar. Although not species-ending in itself in the manner of nuclear and biological threats, cyberwar, used alone or in combination with NBC threats (nuclear, biological, and chemical), offers a distributed, low barrier to entry means to create havoc and disrupt economies and societies. A number of responses are in the works from the G7, the United Nations, and many other international and national state and non-state actors. This panel will pull these threads together, assess current status, and provide clear guidance for the future and practical next steps toward averting cyberwar.

  • How can we develop a non-armament accord for cyberspace?
  • Which are the other possible efforts under way toward reducing the use of cyberspace as a battleground?
  • Is it feasible to declare cyberspace as a zone exclusively for peaceful and scientific purposes?
  • Is it convenient to use treaty precedents and models for realistic alternatives to avert cyberwar?

10.00 - Coffee break


academic •• policy ••• business •

organised by Center for Law and Technology, University of Haifa and Willi Z. Aptowitzer International Center for Risk, Liability and Insurance

Chair Irina Vasiliu, DG JUST (EU)

Moderator Mireille Hildebrandt, VUB (BE)

Panel Katja de Vries, VUB-LSTS (BE), Luca Marighetti, Swiss Re (CH), Duncan Minty, independent insurance ethics consultant (UK), Tal Zarsky, University of Haifa (IL)

The age of big data generates vast knowledge about the nature and behaviour of humans. One context in which it will make a substantial difference is insurance. As devices stream data about how we live, work and think, insurers can potentially micro-analyse the present and future risk that each of us present. Insurers can personalise premiums and cover, yet this might undermine the very essence of risk pooling we’ve always relied on insurance for, as well as the stability of premium prices. Could the disrupting influence of big data lead to the destruction of insurance as we know it? How will it impact consumers of insurance and the firms that provide it? The panel will discuss the promises and challenges that this change brings about, as well as the role of data protection and anti-discrimination law in providing solutions.

  • What data sources can insurance firms realistically utilize to generate personalized premiums and conditions?
  • What is the proper regulatory response to voluntary participation in schemes involving data collection by insurers (for example wellness programs and black-boxes in vehicles)?
  • Should insurance regulators encourage big data usage, or move to inhibit it – and if so how and why?
  • Are current antidiscrimination law, policy and theory equipped to deal with the questions these business models generate? What other laws are relevant to this issue?


policy ••• business •••

organised by Datatilsynet, the Norwegian DPA

Chair Frederik Zuiderveen Borgesius, IViR-UvA (NL)

Moderator Christian D'Cunha, EDPS (EU)

Panel Augustin Reyna, BEUC (EU), Bjørn Erik Thon, Datatilsynet (NO), Javier Pimentel Calderon, Kreditech, (DE), Cecile Wendling, AXA Group (FR)

Financial services are getting personal. New technology is changing traditional business models. There is considerable pressure to exploit customer data for commercial purposes. Insurance companies are offering personalised insurance based on data from sensors in your car, house and on your body. Credit reporting agencies have started using machine learning to predict your creditworthiness based on digital traces left online. With the Revised Payment Service Directive, banks’ monopoly on customers’ account information will disappear. Major Internet Companies will develop personalised services based on access to your banking data. The changes in the finance and insurance industries will affect our privacy. How deep into our lives do we allow insurers? Who will have access to our banking data and how will it be used – and re-used? How can we keep the consumer in control in a complex business environment?

  • Consent: In the future, will you have to pay extra to keep your life private?
  • Reliability and relevance of data: A challenge arises with the use of big data, namely making sure the data is reliable and that it can in fact be used for risk assessment.
  • Discrimination by algorithms.
  • Empowerment of the consumer: how to make the right to data portability work?

13.00 - Lunch break


academic •• policy •• business ••

organised by CANVAS Project

Chair Michael Meier, Universität Bonn (DE)

Moderator Gloria Gonzalez Fuster, Vrije Universiteit Brussel (BE)

Panel Don Howard, University of Notre Dame (US), Mikko Hypponen, F-Secure (FI), Athina Karatzogianni, University of Leicester (UK), Francesco Lapenta, Roskilde University (DK)

The growing complexity of the digital ecosystem in combination with increasing global risks entail the danger that enforcing cybersecurity may bypass other fundamental values like equality, fairness or privacy, whereas downplaying cybersecurity would undermine citizens’ trust and confidence in the digital infrastructure. Tackling this challenge requires us to unify technology developers with legal and ethical scholars and social scientists to approach the challenge of how cybersecurity can be aligned with European values and fundamental rights. The panel will outline the main challenges of creating value-sensitive cybersecurity and address the following questions:

  • Is enforcing cybersecurity ethical in all cases?
  • Which are the most relevant value conflicts in cybersecurity?
  • How to resolve ethical dilemmas in cybersecurity?
  • What are the practical consequences of ethics for cybersecurity practitioners in governments and industry?

15.30 - Coffee break


academic •• policy ••• business •

organised by Chuo University

Chair Eleni Kosta, TILT (NL)

Moderator Hiroshi Miyashita, Chuo University (JP)

Panel Dara Hallinan, FIZ Karlsruhe - Leibniz Institute for Information Infrastructure (DE), Evert-Ben van Veen, MedLawconsult (NL), Jean-Marc Van Gyseghem, CRIDS (BE), Irina Vasiliu, DG Just (EU)

DNA testing is easily available for consumers and promises to reveal not only possible diseases and genetic disorders, but also talent, character and disability. In turn, genetic data, the so-called ultimate personal information, cannot be changed so that it no longer identifies an individual. The use of genetic data may thus have serious consequences, such as discrimination and bias, not only for the person from whom it was extracted, but for their current and future family members. Accordingly, genetic data protection has been argued to require special attention in data protection laws, ethical frameworks and law enforcement. This panel will consider the challenges presented to regulators by the processing of genetic data including consent, profiling, the sensitivity of genetic data, medical research and effective oversight.

  • How should genetic data be protected in data protection laws?
  • How should a consent regime for genetic testing function?
  • How should oversight work?
  • How should the legal regimes applicable differ across different processing sectors – such as law enforcement and medical research?


academic •• policy •• business ••

organised by Information Accountability Foundation

Chair Scott Taylor, Merck & Co. (US)

Moderator Martin Abrams, Information Accountability Foundation (US)

Panel Peter Burgess, École Normale Supérieure (FR), Gry Hasselbalch, DataEthics.eu (IT), Jane Horvath, Apple (US), Erik Konig, Philips (NL)

The GDPR recognizes that individual control alone is not enough to assure the full range of fundamental rights in play as data is originated, processed, and decisions are made based on the processing of that data. The GDPR requires all the elements of accountability. This means organisations that use data governed by something other than consent must make a decisions based on right and wrong, and this takes us to ethics. This session, in very practical terms will begin the discussion of the ethics that are in play, how processing may be measured against those ethics, how the soundness of the process may be made visible to stakeholders, and how regulators might oversee the process.

  • What are the digital ethics that govern data user behavior in an observational environment ecosystem that drives probability-based insights?
  • Where do ethics fit into a legal compliance regime?
  • Can ethics be effective as a check to other more explicit corporate incentives?
  • What are the alternatives to demonstrable ethical assessments?


SPonsors AND PARTNERS 2017