Brussels Privacy Hub 7th Summer Academy for Global Privacy Law 2022

From the 27th to the 1st of July 2022 the “7th Summer Academy for Global Privacy Law 2022: Engineering data regulation(s) in an age of reform” took place at the Vrije Universiteit Brussels – VUB, one of the LeADS beneficiaries. In a hybrid format, the Summer Academy focused on the EU data governance reform, emphasizing coherence, comprehensiveness, and effectiveness. ESRs Onntje Hinrichs and Barbara Lazarotto were on the organization team along with Lina Jasmontaite, Muhammed Dermican, and Michael Van den Poel.

The program dedicated each day to a regulatory instrument, placing each regulatory text within its proper background and ecosystem, before analyzing its regulatory approach and (still draft) provisions. There was particular attention to the regulation’s relationship with specific aspects of the EU data protection law, particularly with the GDPR.

In the morning, participants attended lectures by selected speakers including internationally recognized academics, policymakers, data protection authorities, and civil society representatives. In the afternoon, they engaged in role-playing sessions focused on real-life possible applications of regulations.

Barbara Lazarotto and Muhammed Dermican (Brussels Privacy Hub Managing Director and Ph.D. candidate) were the Lecturers of the Role-Playing Session named “Selling Books on Amazon: Why would you even need the DMA?”, which explored the relationship between the Digital Markets Act with the GDPR. The participants were divided into different groups that represented different roles such as Amazon Legal Team, NOYB, EDPS, DG Competition, and Publisher’s Law Firm, and had as objective to defend their interests facing an online market sale scenario. In the end, all participants discussed their points of view about the case, the DMA, and its connections with Competition Law and Data Privacy Law.

The Summer Academy ended by strengthening the understanding of the participants regarding the EU data governance reform and further questions that might appear in the future.

LeADS Training – Poster Session and the Transition from Theory to Practice

From the 19th to 25th of June 2022 the 15 ESRs met again for their fourth training module. This time they had the chance to meet on the beautiful island of Crete, Greece. The LeADS training program is structured around several training modules that together aim at training a new generation of researchers as legally attentive data scientists that become experts in both law and data science capable of working within and across the two disciplines. Whereas the third training module in Pisa focussed on the legal perspective, this training module focussed more on the computer scientist perspective.

 

LeADS at AIAI: Panel discussion and Poster Session

The training week kicked off with a workshop on “Best Practices for the development of intelligent and trustworthy algorithms and systems” at the 18th International Conference on Artificial Intelligence Applications and Innovations (AIAI). The workshop was divided into two separate panel discussions. The first panel, moderated by Imge Ozcan from VUB, the speakers Katerina Demetzou (Future of Privacy Forum), Paul De Hert (VUB), and Afonso Ferreira (CNRS, Institut de Recherche en Informatique de Toulouse) discussed topics surrounding “Data Ownership, Privacy and Empowerment”. During their contributions the speakers addressed questions such as whether or not a potential data ownership right could integrate into existing data protection law. The second panel, moderated by Giovanni Comandé from SSSA, was entitled “Trustworthy Data Processing Design”. The speakers Jessica Eynard (Toulouse Capitole University), Gabriele Lenzini (University of Luxemburg), and Salvatore Rinzivillo (Italian National Research Council) debated what kind of legal, ethical, and technological framework is needed in order to ensure a trustworthy data economy that increasingly is in demand for secondary data uses.

Furthermore, prior to the conference all ESRs prepared posters to visualize the most important results of their research. All posters were exhibited and accessible to visitors from the AIAI conference which allowed the ESRs to engage and discuss their research with the international audience from the conference.

Training Week: From Theory to Practice

Followed by this engaging introductory sessions, the ESRs presented the results from their individual research they had been conducting throughout the first months from the LeADS project. All 15 ESRs are divided into 4 Crossroads, i. e. major challenges that still need to be addressed in data-driven societies: (1) Privacy vs Intellectual Property (2) Trust in Data Processing & Algorithm Design (3) Data Ownership (4) Empowering Individuals. Each ESR has furthermore been assigned an individual research topic. During the first months of their research journey, the ESRs wrote a State-of-the-Art analysis of their topic which constitutes the scientific foundation for the upcoming research and cross-collaboration between the researchers. During 4 sessions each ESR from each crossroad had 20 minutes to present and discuss their results.

Michael Filippakis from University of Piraeus subsequently discussed how data science impacts society and can support policy-making processes and benefit innovation. In a hands-on session he introduced the ESRs to time series analysis with R programming language. Ilias Maglogiannis from University of Piraeus in his lecture on pervasive health management technology and data analytics gave several practical examples how technology is used to analyze health activities, for instance, in the case of smart clothing to monitor athletic activities. Giovanni Comandé from SSSA talked about (challenges to) secondary uses of data and elucidated on relevant GDPR provisions. Salvatore Rinzivillo in his engaging lecture discussed with the ESRs how to design explainable AI, i. e. how to incorporate intelligibility (how does it work?) and accountability (who is responsible for?) in AI systems.

The last 3 days from the training where dedicated to two practical sessions. First, Mohamed Ali Kandi from UT3 introduced the ESRs to the creation and deployment of smart contracts with solidity. Followed by this introduction the ESRs were divided in groups consisting of both lawyers and computer scientists – reflecting the interdisciplinary approach which the LeADS project epitomizes. These interdisciplinary groups then had to write and deploy a smart contract which allowed a controller to assign and remove the right to data subjects to rectify their data. Second, Itzel Vazquez Sandoval from University of Luxembourg introduced the ESRs to the design and analysis from security protocols. During the subsequent practical session, the ESRs were introduced to the tool ProVerif and had to analyse a bank statement request protocol. In groups the ESRs had to identify potential weaknesses for attacks that could lead to security breaches in the design from the protocol.

Both exercises strengthened the understanding from the ESRs how solutions to GDPR requirements can be designed, implemented, and analysed and thereby putting a dialogue between computer scientists and lawyers into practice.

Data Protection Law Scholars Network study about The Right to Lodge a Complaint

The first study of the European Data Protection Scholars Network (DPSN) commissioned by Access Now is now published. This study aims to map current DPA practices related to the right to lodge a complaint (Article 77 of the GDPR) across different EU countries, combining legal analysis and the observation of DPA websites, together with insights from the online public register of decisions adopted under the ʻone-stop-shopʼ mechanism. In general, the research shows discrepancies that concern fundamental aspects of the submission and handling of complaints, with potentially serious implications on the level of data protection in the EU.

Amongst the authors are Gloria González Fuster one of LeADS co-supervisors and Barbara da Rosa Lazarotto (ESR 7).

Click to here read the full study.