As the world marks Data Protection Day 2026, the importance of safeguarding individual data autonomy and fostering greater privacy awareness has never been more evident.

 

Celebrating the signing of Convention 108, the first legally binding treaty protecting privacy in the digital age, this Data Protection Day 2026 reminds us that the digital age is a double-edged sword. The profound opportunities it presents remain tempered by significant challenges that demand vigilance, responsibility, and robust action.

Indeed, in Europe, Data Protection Day 2026 comes at a pivotal juncture. Nearly a decade after the application of the landmark General Data Protection Regulation (GDPR), discussions on its future invite reflection and thought. How Europe modernises its protection frameworks, supports business, and continues its global leadership in an increasingly multi-polar world, is not obvious and instead requires frank and honest debate.

Forum Europe is proud of the role it has played in facilitating these debates. The European Data Protection & Privacy Conference is now a fixture in the Brussels calendar, regularly attracting more than 250 participants each year and fostering lively, interactive discussions on the future of data protection regulation.

As the 15th edition of this event approaches, we look back on its enduring role, the continued importance of data protection, and what’s in store at the next edition.

The 15th Annual European Data Protection & Privacy Conference takes place on 26 March 2025 in Brussels’ Renaissance Hotel.

For more information: https://dataprotection-conference.com

Commissioner Michael McGrath delivers his keynote address at last year’s 14th edition of the European Data Protection and Privacy Conference.

Looking forward to the 15th Annual European Data Protection and Privacy Conference.

The 15th edition of the European Data Protection and Privacy Conference finds Europe at a crossroads. Both the publication of the Digital Omnibus Package and the agreement on the GDPR Procedural Regulation mark pivotal developments to Europe’s digital rulebook and demonstrate the bloc’s ongoing efforts to reduce red tape, strengthen cross-border enforcement, and bolster the continent’s competitiveness in the data-driven economy. This is, of course, all while addressing a complex constellation of overlapping laws and safeguarding individuals’ fundamental rights in an increasingly intense geopolitical arena.

Indeed, in this increasingly connected world, discussions at this edition will naturally reflect such wider geopolitical developments. Taking conversations beyond Europe, discussions will assess ongoing efforts to strengthen high-level data protection while also enabling the secure and seamless transfer of personal information worldwide. Here, panellists will examine progress to date, including progress toward adequacy decisions, mutual recognition and shared standards, and discuss the further steps needed to reduce complexity for organisations, enhance legal certainty, and deliver stronger protections for individuals, regardless of where their data travels. 

Given the complex interplay between the DMA and the GDPR, as well as the joint guidance recently issued by the European Commission and European Data Protection Board, a session will also spotlight the relationship between competition policy and data privacy. How should gatekeepers navigate DMA obligations (such as real-time data portability, data access for business users, and interoperability) while remaining fully compliant with GDPR principles on consent? Can privacy enforcement unlock competition by reducing data-driven market power? Do interoperability and data-sharing obligations risk conflicting with GDPR provisions? And, what does this regulatory convergence mean for innovation, AI development, and the competitiveness of the EU’s digital sector? This session will explore ask all such questions. 

An essential session on the relationship between AI and data protection will follow discussions on the role of data privacy in the digital transformation of public services. This session will offer participants an opportunity to reflect on how public authorities can harness digital innovation while maintaining the trust that underpins democratic governance.

With the 26th March fast approaching, key confirmed speakers currently include: 

• Michael McGrath, Commissioner for Democracy, Justice, the Rule of Law and Consumer Protection, European Commission 
• Leontina Sandu, Head of Unit, Interoperability & Digital Government, DG DIGIT, European Commission
• Karolina Mojzesowicz, Deputy Head of Unit, Data Protection, DG JUSTICE, European Commission 
• Louisa Klingvall, Acting Head of Unit, International Affairs and Data Flows, DG JUST, European Commission
• Clarisse Girot, Head of Division, Data Flows, Governance and Privacy l Online Safety, OECD

In focus: Aligning Data Privacy and AI Governance’ at the 2024 14th Annual European Data Protection and Privacy Conference.

Reflect on Some Key Moments from Previous Editions:

14th Annual European Data Protection and Privacy Conference.

At last year’s 14th Annual European Data Protection & Privacy Conference, Commissioner Michael McGrath reflected on the enduring role of the GDPR at the heart of the EU’s digital acquis. A ‘vital element in building trust in the digital economy’, McGrath considered the regulation a cornerstone of Europe's digital acquis. 

‘Trust, in many ways, is the foundation upon which the full potential of the digital economy can be realised.’
European Commissioner for Democracy, Justice, the Rule of Law and Consumer Protection, Michael McGrath

However the GDPR is not without its shortcomings, McGrath too acknowledged. Referring to the Second Report on the Application of the GDPR, he outlined key priorities for his mandate, including the need to provide greater support to businesses, particularly SMEs, in meeting their compliance obligations.

With the event’s themes largely centred on supporting innovation amid growing regulatory complexity, Commissioner McGrath was joined in delivering keynote remarks by Anu Talus, Chair of the European Data Protection Board. Talus, for her part, posed a fundamental question: ‘How can we build a digital future that respects fundamental rights, fosters trust, and facilitates economic growth?’ While perspectives varied and, at times, diverged, these unresolved tensions continue to shape the debate. As such, the current edition once again returns to these questions, revisiting challenges that remain as pertinent today as they were last year.

Subsequent panel discussions explored law enforcement access to data, the relationship between data privacy and AI governance, and the role of technology in unlocking the value of personal data. In particular, the latter offered insightful commentary on the potential for personal data to drive innovation, research, and broader societal benefit.

The 13th edition of the event saw former Commissioner for Justice, Didier Reynders, deliver a keynote address.

13th Annual European Data Protection and Privacy Conference.

At the 13th edition of the event, Forum Europe was pleased to welcome the return of Didier Reynders, former European Commissioner for Justice, to deliver his second consecutive keynote address. Marking the fifth anniversary of the GDPR’s entry into application, Reynders reflected on the central role of data protection in Europe and the European way of life, calling for the promotion of ‘privacy innovation’ to unlock the full potential of data and drive the next wave of enterprise. He was joined by fellow keynote speaker Mathieu Michel, Belgium’s Secretary of State for Digitalisation, in delivering the opening remarks

‘In an increasingly digital world, new data-driven technologies and services must adhere to requirements of data protection by design and by default.’
European Commissioner for Justice, Didier Reynders.

Perhaps unsurprisingly, much of the discussion centred on the GDPR five years on, with delegates and panellists alike reflecting on progress to date, the future of European privacy regulation, and Europe’s role in the global data privacy landscape.

Focusing on the balance between the development of foundation models and the protection of personal data, the programme also examined the evolving role of privacy in the AI era. As generative AI continues to polarise debate, such themes are expected to feature prominently at this year’s conference. 

‘We have done the regulation part. Now we need to get the implementation right. Businesses need it, citizens deserve it, and public institutions should provide it. If we can get this right, the best days of our digital world are yet to come.’
Belgian Secretary of State for Digitalisation, Mathieu Michel.

At the 2022 edition: Session 1, titled 'The GDPR and the New Wave of Tech Regulation: Consistency, Compliance and Enforcement.

12th Annual European Data Protection and Privacy Conference. 

The 12th edition of the conference saw Commissioner Didier Reynders join Forum Europe Chairman Paul Adamson to discuss enduring and emerging themes in data protection policy and regulation. This was followed by a keynote from US Assistant Secretary of Commerce Grant T. Harris, who reflected on developments in data protection, the growing role of AI, and the future of EU–US data flows as both technical and political priorities.

Building on Harris’ reflections, the day concluded with the session: ‘Data Privacy, Future Technologies and Digital Services: Future-proofing Regulatory and Technical Considerations.’ Here, panellists examined how emerging technologies such as general-purpose AI, the metaverse, cryptocurrency, and even Web3, are challenging existing regulatory frameworks, and explored the role of privacy-enhancing technologies, privacy-by-design approaches, and voluntary codes of conduct in addressing these challenges.

Former French Minister for Justice Éric Dupond-Moretti on stage at the 11th Annual European Data Protection and Privacy Conference.

11th Annual European Data Protection and Privacy Conference. 

The 2021 edition of the conference featured the fourth and final keynote address by Věra Jourová, then Vice-President for Values and Transparency in the first von der Leyen Commission. She was joined in opening the event by Marjan Dikaučič and Éric Dupond-Moretti, former Slovenian and French Ministers of Justice respectively. Owing to the COVID-19 pandemic, the event was held virtually, welcoming more than 460 delegates from across the globe. 

Notably, this edition marked the first to feature a standalone session on artificial intelligence. Panellists examined the alignment between Europe’s data protection framework and its emerging AI ambitions, with key questions reflecting on data sharing, trust, and regulatory adequacy. 

With the Digital Services Act (DSA) and the Digital Markets Act (DMA) entering into force that year, discussions also examined the intersection of data protection and competition in the platform economy. The panel recognised that personal data sits at the core of the platform-based business models, and, accordingly, commentary examined the extent to which robust and effectively enforced data protection rules could provide greater equity between consumers and service providers. 

Paul Adamson, Forum Europe Chairman, on stage at the 10th edition. 

10th Annual European Data Protection and Privacy Conference. 

The 10th edition, again held virtually, embraced the theme ‘Responsible Data Use in Data-Driven Societies.’ Recognising the role of data in our increasingly digitalised societies, sessions focussed on future trends across global data privacy. These included: emerging data-driven technologies, the relationship between cross-border electronic evidence and law enforcement, and, finally, the alignment between ePrivacy, cookies, and data retention.

However, in response to the First Report on the Evaluation and Review of the GDPR, the opening session asked whether the regulation was fully delivering on the EU’s data protection principles. While largely regarded as a success, the report highlighted areas for improvement — most notably the lack of harmonised and consistent implementation and enforcement across the EU. Panellists noted that while some challenges were exacerbated by differing national responses to the COVID-19 pandemic, structural issues remain.

At this edition, former Commissioners Jourová and Reynders were joined by Timo Harakka, then Finnish Minister of Transport and Communications; James Sullivan, Deputy Assistant Secretary for Services at the U.S. Department of Commerce; and John Whittingdale, UK Minister of State for Media and Data.


Former Commissioner, and current Deputy Prime Minister of Bulgaria, Mariya Gabriel on stage at the 2019 edition.

9th Annual European Data Protection and Privacy Conference. 

As the first edition to follow the formal application of the GDPR, the 9th Annual European Data Protection and Privacy Conference focused on the role of data in driving economic growth and societal benefit, and on how the GDPR could support these objectives. It featured former European Union Commissioners Mariya Gabriel, Digital Economy & Society, and Věra Jourová, Justice, as headline speakers.

Reflecting the GDPR’s Brussels effect and its global influence on data protection frameworks, the conference featured a strong international dimension. Contributions from EU Member States were complemented by perspectives from Japan, Singapore, Kenya, and the United States. Examining the misuse of personal data in the spread of misinformation and its implications for democracy and fundamental rights, the penultimate session, titled ‘Fighting ‘Fake News’, was also of note. Here, panellists explored the role of so-called troll farms, bots, and super-spreaders in amplifying misinformation and ideological narratives online. 

Caroline Goemans-Dorny, Data Protection Officer, Interpol at the 8th Annual European Data Protection and Privacy Conference.

8th Annual European Data Protection and Privacy Conference. 

Held six months before the GDPR entered into force, conversations at the 8th Annual European Data Protection and Privacy Conference largely concerned the practical challenges of implementation and compliance.

Following a review of the EU–US Privacy Shield and the launch of the Canada-European Union Comprehensive Economic and Trade Agreement (CETA), the conference also explored the impact of international cooperation on robust data protection. The programme also addressed the 2017 release of the ePrivacy Regulation, bringing together voices from EU institutions, civil society, and industry to assess its implications for innovation, technological neutrality, and regulatory coherence one year after its introduction.

Keynote speakers included Urmas Reinsalu, then Estonia’s Minister of Justice, and former European Commissioner Věra Jourová.

Former Commissioner of the European Union, Věra Jourová, delivers a keynote address at the 7th annual edition.

7th Annual European Data Protection and Privacy Conference. 

Providing ample subject for debate, the 7th Annual European Data Protection and Privacy Conference fell within the proximity of several key, and so far enduring, developments to Europe’s data privacy landscape.

The adoption of the GDPR, a formal agreement on the EU–US Privacy Shield, and the UK’s referendum on EU membership all came to pass in 2016, marking it as a pivotal year for Europe’s data protection landscape. Meanwhile, the review of the ePrivacy Directive, originally scheduled for release in December of that year, was ultimately published in January 2017.

Discussions on these developments brought together senior figures including European Union Commissioner Věra Jourová; Chair of the Article 29 Working Party, Isabelle Falque-Pierrotin; and then Deputy Director General of BEUC, Ursula Pachl. The edition also saw contributions from Adina-Ioana Vălean, then Vice-President of the European Parliament, and Kaja Kallas, now EU High Representative, who participated in the opening session as an MEP.

In focus at the 5th edition: 'Will the new rules enable or restrain data innovation in Europe?'

6th Annual European Data Protection and Privacy Conference.

Shaped by the continued ascent of the GDPR, the 6th Annual European Data Protection and Privacy Conference focused on the scope and implications of the forthcoming regulation. Reflecting issues that continue to define Europe’s digital policy debate, discussions also highlighted the challenge of harmonising EU data protection rules. A final session on consumer trust examined how the GDPR and ePrivacy Directive could support the Digital Single Market while balancing innovation and growth.

Keynote speakers included Felix Braz, then Luxembourg’s Minister for Justice, Julie Brill, then Commissioner of the US Federal Trade Commission, and Věra Jourová.

At the 5th edition: Kelly Welsh, General Counsel at the United States Department of Commerce. 

5th Annual European Data Protection and Privacy Conference. 

On its fifth anniversary, the European Data Protection and Privacy Conference was, again, largely dominated by the GDPR. Held amid the tripartite negotiations between the Council, Commission and Parliament lingered on, participants reflected on progress made, remaining concerns within the business community, and the then prevailing principle that ‘nothing is agreed until everything is agreed.’

This edition featured the first keynote address by Věra Jourová, joined by Enrico Costa, then Italian Deputy Minister for Justice, and Jan Albrecht, former MEP and GDPR Rapporteur. Subsequent discussions brought together affected stakeholders to address outstanding issues and challenges ahead.

Interesting, a dedicated session on ‘The Future of Data Privacy in Europe’ prompted a broader reflection on how privacy concepts may evolve in response to new technologies, and how policymakers can balance innovation, competitiveness, and fundamental rights. Viviane Reding, then an MEP, also delivered a keynote on reconciling data protection with international data flows.

At the 5th edition: Assessing the progress of the European Data Protection Regulation - on track for completion?

4th Annual European Data Protection and Privacy Conference. 

At the fourth annual edition, sessions examined the transformation of Europe’s digital landscape, focusing on how forthcoming data protection rules might affect citizens, industry, and the wider digital economy. Discussions also explored how regulation could support digital growth while ensuring transparency and accountability. A question that continues to resonate today.

The edition featured an opening keynote by Viviane Reding, then European Commission Vice-President for Justice, Fundamental Rights and Citizenship, marking the first of four consecutive years of her participation.

Latvia's Jekaterina Macuka on stage at the 5th Annual European Data Protection and Privacy Conference.

3rd Annual European Data Protection and Privacy Conference.

The 3rd Annual European Data Protection and Privacy Conference marked the first opportunity for participants to reflect on the revised GDPR following its formal release. Opening discussions examined the regulation’s path to application and its anticipated impact on businesses, regulators, consumers, and legislators. Key points of debate: fines, the one-stop-shop mechanism, and citizens’ control over personal data.

The programme also explored the GDPR’s international implications, assessing the emerging Brussels effect and the extent to which other jurisdictions might follow Europe’s lead. To this end, keynotes from William E. Kennard, then US Ambassador to the EU, and former UK Information Commissioner Christopher Graham shaped a timely and substantive debate.

Breakout sessions addressed the balance between data protection and other fundamental rights, as well as whether the new framework could provide a technology-neutral, future-proof approach to data protection regulation.

On stage with Microsoft's Jeremy Rollison. 

2nd Annual European Data Protection and Privacy Conference.

With keynote addresses from Vice President Viviane Reding; then General Counsel at the US Department of Commerce, Cameron Kerry; and Jacob Kohnstamm, then Chair of the Article 29 Data Protection Working Party, the 2nd edition of the event welcomed around 450 delegates to Brussels.

Discussions focused on the harmonisation of data protection laws, the role of the Article 29 Working Party, coordination between EU and national authorities, and the impact of stronger privacy rules on citizens. This was, of course, alongside sustained commentary on the enduring importance of data responsibility and accountability.

In 2014: Jan Albrecht MEP and Rapporteur on the General Data Protection Regulation. 

1st Annual European Data Protection and Privacy Conference.

And finally, at its inaugural edition, the European Data Protection and Privacy Conference brought together over 300 leading experts to discuss the creation of a modern and harmonised EU data protection framework. Held as the Commission launched its review of the 1995 Data Protection Directive, the conference reflected on rapid technological change, the emergence of the digital economy, and new forms of data use.

In part, many of the themes introduced at this inaugural edition have remained staples of editions to follow. From the outset, the themes of harmonisation, simplification, transparency, and security have emerged as defining pillars of the programme. Moreover, discussions concerning the global relevance of European data protection standards and their compatibility with international frameworks have only grown in prominence.

Jacob Kohnstamm, then Chair of the Article 29 Data Protection Working Party, joined Vice President Viviane Reding in delivering the opening keynote addresses. This marked the beginning of a now 15-year engagement between the European Commission and the Annual European Data Protection & Privacy Conference, underscoring the enduring importance of data protection within the EU policy agenda.

EDPB Chair, Anu Talus in conversation with Zach Meyers, CERRE. 

Reflecting on a legacy: 

As Forum Europe celebrates the 15th anniversary of the Annual European Data Protection and Privacy Conference, we are proud to reflect on the enduring legacy of Europe’s premier data policy forum. 

This milestone offers a moment to honor the exceptional speakers and partners who have shaped this journey. We extend our sincere gratitude to every contributor, attendee, and sponsor whose support has helped sustain this platform for meaningful exchange over the past decade and a half.

Beyond the anniversary, today serves as a vital reminder of the global significance of data protection. Nearly twenty years since its inception, the mission of Data Protection Day remains more critical than ever: navigating a rapidly digitalising world requires a delicate balance between the seamless flow of data and the protection of human dignity.

We look forward to furthering this essential conversation at the 15th Annual European Data Protection and Privacy Conference in March 2026, where we will continue to seek clarity and progress for the global privacy landscape.

 

For more information on upcoming events, please visit: forum-europe.com

For further information on the 15th Annual European Data Protection and Privacy Conference: https://dataprotection-conference.com/

Sign up to our newsletter to keep up to date with the latest events and updates: Receive Our Newsletter

And to hear about next future events on Artificial Intelligence, sign up to the mailing list: Keep Me Informed