Effective Remedies for AI-Induced Harms: Lessons Learned from GDPR Enforcement by Data Protection Authorities

  • Panel
  • Class Room
  • Friday 23.05 — 10:30 - 11:45

Organising Institution

Centre for Democracy and Technology Europe (CDT)

Europe

  • Academic 2
  • Policy 4
Data protection authorities have collectively been at the forefront of assessing the impacts of new technologies on fundamental rights, naturally emerging as strong contenders for the role as Market Surveillance Authorities under the AI Act. With the deadline to appoint Market Surveillance Authorities approaching in August 2025, this panel aims to identify lessons learned from data protection authorities’ experience in ensuring effective remedies for data protection harms which could be applied to the AI Act’s market surveillance framework. The panel will identify the different enforcement needs for AI harms as opposed to solely data protection harms, compare and contrast the governing frameworks for data protection and market surveillance authorities and how these regulators have traditionally fulfilled their roles, and discuss how best civil society and fundamental rights authorities may support and collaborate with them.

Questions to be answered

  1. What do effective remedies look like in data protection, and how should they look like for AI-induced harms?
  2. How do powers held by data protection authorities compare to powers traditionally held by market surveillance authorities?
  3. Is it desirable that MSAs approach AI-related complaints in the same way as DPAs process GDPR-related complaints?
  4. What role can civil society organisations and fundamental rights authorities play in enabling effective remedies for AI-induced harms in this regulatory landscape?

Moderator

Laura Lazaro Cabrera

Centre for Democracy and Technology Europe - Europe

Laura Lazaro Cabrera is Counsel and Director of the Equity and Data Programme at the CDT Europe Office in Brussels, where she leads the work promoting the effective protection of fundamental human rights in the implementation of European Union legislation, including the AI Act. Having held legal roles at several international NGOs, Laura has extensive experience in domestic and regional human rights litigation focussing on tech and its impacts.

Speaker

Rocco Saverino

LSTS, VUB - Belgium

Rocco Saverino is a Doctoral Researcher at the Vrije Universiteit Brussel (VUB)'s Faculty of Law and Criminology, and member of Law, Science, Technology and Society (LSTS) Research Group. He is part of the ALTEP-DP project and focuses his research on the critical role of Data Protection Authorities in enforcing the regulations on data protection and considering their impact in the context of AI.

Speaker

Maria Magierska

Maastricht University - Netherlands

Maria Magierska is a Senior Lecturer at Maastricht University, where she is a member of the European Centre on Privacy and Cybersecurity team. Maria is currently completing her PhD at the European University Institute in Florence. She is interested in data protection, EU administrative law and enforcement of digital rights in the EU.

Speaker

Thomas Zerdick

EDPS - Europe

Thomas Zerdick is the Head of the Unit “Supervision and Enforcement” in the office of the European Data Protection Supervisor (EDPS). Previously, he was Head of the Unit “Technology and Privacy” in the office of the EDPS. As a Member of Cabinet for the European Commission’s First Vice-President Timmermans, he worked on issues relating to the Rule of Law and Fundamental Rights, including personal data protection. At the European Commission’s Directorate-General for Justice and Consumers, Mr Zerdick was a key member of the team that prepared and negotiated the European Commission’s data protection reform proposals, i.e. the General Data Protection Regulation (GDPR) and the Police Data Protection Directive between 2009 and 2016.

Speaker

Itxaso Domínguez de Olazábal

EDRi - Belgium

Itxaso Domínguez de Olazábal, PhD, is a policy advisor at European Digital Rights (EDRi) and an expert in data protection and privacy, with a focus on commercial surveillance and the multidimensional virtual harms caused by online tracking. She also specialises in online freedom of expression, examining the role of security forces in content governance.