Next week, the EU policy team of Access Now will be participating in the Computers, Privacy & Data Protection (CPDP) 2022 conference held in Brussels, Belgium.
The event takes place from Monday, 23 May to Wednesday, 25 May, 2022. Below is a snapshot of the sessions we will be participating in. If you cannot be there, recordings of the sessions will be available online after the event. You should also keep an eye on Access Now on Twitter to follow the discussions in real time!
What is Computer Privacy and Data Protection (CPDP)?
CPDP is one of the main data protection conferences in Europe. The event brings together international and national policymakers, regulators, academics, computer scientists, legal practitioners, industry representatives, activists, consultants, and tech journalists. This year’s theme is Data protection and Privacy in Transnational Times.
Like every year, Access Now will actively contribute to the conference. Our staff will speak on panels on artificial intelligence, facial recognition, the enforcement of the General Data Protection Regulation, and data access rights. Here’s a guide to where you can find us at CPDP 2022:
Monday, 23 May
Title: How to reconcile facial recognition technologies with consumers’ privacy
When and where: At 08:45 CET – LA CAVE
Moderator: Michael Maguire, Office of the Privacy Commissioner (CA)
Speakers: James Dipple-Johnstone, UK Information Commissioner’s Office (UK); Anna Colaps, EDPS (EU); Daniel Leufer, Access Now (BE).
Owing to rapid technological innovations in biometric technology, including improvements to facial recognition (FRT) algorithms and the unprecedented availability of personal images, FRT is perceived as an easy and reliable biometric solution for identifying and authenticating individuals. The demand and temptation to deploy FRT solutions and services (hiring, policing, marketing, etc.) continues to grow all over the world, both in the private and public sectors. But, alas, every tech rose has its thorn and FRT is not an exception insofar as it constitutes a significant threat to individuals’ privacy if deployed outside legal parameters. In this session, the panellists will outline the state of play in the world through concrete examples of national/regional strategies, recent investigations (including Clearview AI), and regulations and policy orientations in relation to private and public sector uses of FRT.
Tuesday, 24 May
Title: See you in court — discussing the potential and challenges of private actions for GDPR infringements
When and where: At 08:45 CET – AREA 42 GRAND
Moderator: Johnny Ryan, Irish Council for Civil Liberties/ Open Markets Institute (IE)
Speakers: Alexia Pato, University of Girona (ES); Anton Ekker, Ekker Advocatuur (NL); Romain Robert, noyb (AT); Estelle Massé, Access Now (BE).
The GDPR has been in force for nearly four years, but the challenges of enforcing it set it up to be a paper tiger. The one-stop shop seems to benefit companies, underdelivering on the GDPR’s promise to give individuals back control of their personal data. NGOs and individuals start to turn to courts to enforce GDPR-conferred rights, including to compensation. Yet, the divergences between national laws of EU countries make private cross-border actions challenging. National laws may significantly differ as to the burden of proof, the notions of infringement and damage, causality as well as compensation. With no clear rules determining the applicable law there is a growing risk of fragmentation of individuals’ level of protection. The upcoming Collective Redress Directive holds a promise to offset some of the existing challenges and facilitate collective actions, yet comes with its own uncertainties.
Title: The future of the right to access
When and where: At 10:30 CET – AREA 42 MIDI
Moderator: Fanny Hidvegi, Access Now (BE)
Speakers: Cristiana Santos, Utrecht University (NL); René Mahieu, Vrije Universiteit Brussel (BE); Sjoera Nas, Privacy Company (NL).
The right to access is fundamental in the GDPR. It is a great transparency tool. Lately, many studies have shown how to abuse the right to access to steal data from others: 1. Researchers demonstrated that is it possible to abuse the right to access to steal data from others, 2. Studies have shown that data subject access requests are often denied by data controllers. Why is it difficult to implement the right of access? During this panel, we will do a diagnosis of all the symptoms of the failure of the right to access. We will also try to find solutions to fix the right to access to avoid abuses and systematic denial of access and try to discuss how to fix it at the end of this panel.
Title: Leveraging AI: risks & innovation in content moderation by social media platforms
When and where: At 11:45 CET – Grande Halle
Moderator: Alexandra Kuczerawy, KU Leuven (BE)
Speakers: Siobhan Cummiskey, Meta (US); Eliska Pirkova, Access Now (BE); Guido Lobrano, ITI (BE).
Businesses and organisations rely on AI to innovate, and increasingly rely on AI to protect the public interest. For social media platforms, AI can be a powerful tool for content moderation in order to keep users and the public safe, for instance by detecting and taking down violating content and accounts. At the same time, social media platforms need to preserve privacy, fairness, and freedom of expression. Content moderation does not come with a one-size fits all approach. Panellists will dive into how AI-based detection of illegal and harmful content works in different areas of harms, such as hate speech, child safety or illegal content. The panel will also discuss the risks and safeguards, transparency, control, privacy, fairness, and the role of human review and intervention.