KEYNOTE SPEAKER
David Murphy - Deputy Commissioner,
Data Protection Commission (Ireland)
Conference Chair
Paul Lavery - Partner, McCann FitzGerald
 How the Explosion in Generative AI Impacts GDPR Compliance
Conor Hogan - Global Practice Director
(Data Governance), BSI
What is ‘generative AI’ and how is it developed? What are the main GDPR issues when training and/or deploying large-language models (LLMs)? How can privacy rights be respected when such massive datasets are processed? This talk focusses on the compliance challenges when developing or using generative AI.
Privacy Enhancing Technologies (PETs) – What Should You be Considering for Your Organisation?
Doug McMahon - Partner, McCann FitzGerald
PETs have been hailed as a potential solution to allow organisations to harness the value of personal data, whilst ensuring compliance with data protection obligations. This session sets out details of some of the more common PETs, and what organisations need to consider if they are proposing to implement them.
How The AI Regulatory Revolution Affects You
Moya Novella - Counsel (Data Privacy), IBM
The emergence of AI specific regulation is unstoppable and data protection practitioners have a crucial role to play. This session looks at what new emerging regulation requires, how organisations can prepare for compliance, and what contribution data protection practitioners can make to overcome this new challenge.
 Data Breaches: How Much Will They Cost?
Morgane Conaty BL - Barrister
The consequences of a data breach for an organisation can be considerable depending on the nature and effects of the breach and the significance of failures to comply with the GDPR. As well as suffering reputational damage, an organisation may suffer financial losses if it is fined and/or if civil litigation is taken. The GDPR provides a right to compensation for any data subject who has suffered material or non-material damage as a result of an infringement of the GDPR. Additionally, supervisory authorities can impose administrative fines, taking into account certain parameters in the GDPR. This talk considers recent developments in enforcement and recent case law from the Court of Justice and the Irish courts on the interpretation of non-material damage and the level of award in data breach cases. It also considers the European Data Protection Board’s adoption, in May 2023, of guidelines on the calculation of administrative fines.
 The UK is Amending its Data Protection Laws - So What?
Fedelma Good - Data Protection & ePrivacy Consultant
Described by the UK Government as ‘New data laws to cut down pointless paperwork … and reduce annoying cookie pop-ups’, the Bill amends the UK’s retained version of the EU GDPR, the ePrivacy Directive and the DPA 2018 rather than replacing them. The Bill covers a wide range of areas including: automated decision making; handling vexatious subject access requests; scientific research; the introduction of the role of a Senior Responsible Individual in place of the DPO; increased fines for nuisance calls and texts and changes to the governance structure and powers of the regulator. This session looks beyond the rhetoric and explores the changes included in the Bill and their practical implications for Irish and International organisations.
When the Regulator Finds Against You - Considerations
Rosaleen Byrne - Partner, McCann FitzGerald
When organisations are on the receiving end of an adverse decision of the DPC, very often the immediate reaction is to appeal the decision. This session looks at considerations organisations should take into account when weighing up the potential benefits and risks of appealing. What will an appeal look like in practice? Are the outcomes on appeal likely to assist? What about the expertise of the Regulator? Are there arguable grounds on which to appeal and many more issues...
Latest Data Protection Decisions – Practical Implications
Adam Finlay - Partner, McCann FitzGerald
This session considers the latest developments in data protection compliance arising from decisions of the Data Protection Commission and Irish and European Courts, including in relation to dealing with data subject access requests, personal data breaches and data protection actions, and identifying the appropriate legal basis for processing.
|
