As the 8th Annual Privacy & Data Protection Summit approaches, we enjoyed catching up with Victor Tolnay, the summit chair, before the event. Victor is the Data Protection Director at DSM-Firmenich. Continue reading the interview led by the summit's conference director.
Hi Victor, we are so glad you can join us again to chair the 8th Privacy & Data Protection Summit! We have been lucky to partner with you over the years. Can you share your reflections on previous editions of this event and key moments you look back on?
Thank you! It’s a pleasure to be here again. Looking back, each summit has brought unique insights and learning opportunities.
Over the years, I’ve witnessed the event grow significantly in both size and impact. Some key moments that stand out include the profound impact of GDPR on organizations, driving significant changes in how we handle data protection and privacy, and several panels on AI, data ethics and privacy, which was incredibly forward-thinking.
Furthermore, we have seen in the last summits how organizations worldwide are navigating an increasingly complex landscape of privacy regulations and other related policies, including those governing AI, which extend far beyond the EU’s GDPR, with both a regional and a global impact.
I would also like to highlight that this summit has been instrumental in nurturing not only a network of privacy peers and professionals, but also fostering strong friendships among attendees. The approachable nature of the speakers, compared to other international privacy summits, is a significant added value.
It’s been really cool to see this event grow and the topics evolve over time. I feel like it’s always a transformative year in the privacy and data protection space but how do you see the current state of the industry? Is it evolving even quicker than before?
Absolutely, the industry is evolving at an unprecedented pace. With the rise of AI and machine learning, we’re facing new ethical and compliance questions that require swift responses. Privacy regulations are also becoming more stringent across jurisdictions, which adds another layer of complexity to organizations with global data flows. I believe we are at a pivotal moment where proactive strategies are more critical than ever for organizations to stay ahead of the curve.
With new technologies constantly entering the market, as well as new litigations being enforced, how do industry professionals keep up with the changes?
Staying updated requires a multi-faceted approach. Continuous education through conferences and summits like this, professional certifications, and staying engaged with industry news are crucial. Networking with peers and participating in forums also helps professionals share knowledge and best practices to navigate the evolving landscape. Personally, attending this summit has significantly enhanced my understanding of emerging trends and best practices, making me a more effective privacy professional.
Furthermore, organizations should be investing in compliance tools and frameworks that can adapt to regulatory changes, ensuring they remain agile and informed.
This event has always been great about bringing various industries together to highlight their data protection journey and how they remain compliant with privacy regulations globally. This year we have expert speakers joining us from Meta, Google, Generali, Unilever and many more. Data protection challenges can vary greatly depending on the industry, how would your approach to data protection differ in these contexts?
Each industry has unique challenges and regulatory requirements. For instance, tech companies like Meta and Google focus heavily on user data, consent management, and data minimization efforts, while financial institutions like Generali must prioritize data security and compliance with stringent financial regulations.
My approach is to emphasize a risk-based framework that aligns with each industry’s specific needs while fostering a culture of accountability and transparency. This way, we can tailor strategies that resonate within different operational contexts.
We have some returning speakers, such as Gonzalo Caro with Meta, Jeremy Rollison with Microsoft and Renato Monteiro with X to update us on what is going on in their organizations. Additionally, we will hear from newcomers like Kasia Gawlik with Standard Chartered, Frank Wagner with Deutsche Telekom, Inês Dias Pinheiro with PLMJ, and many more first-time speakers. What sessions are you most looking forward to this year?
I’m particularly excited to hear from the new speakers, as they bring fresh perspectives and insights. Sessions from the referred speakers and many others should be fascinating, given their diverse industry backgrounds. Additionally, updates from returning speakers like Gonzalo Caro, Jeremy Rollison, and Renato Monteiro are always valuable as they provide continuity and deeper insights into ongoing trends.
As a bonus, we get to strengthen even more a friendship we have built over the years, which I highly value. Nonetheless, one of the strong added values of this summit is that the speakers are much more approachable than at other international privacy summits, making it easier to engage with them.
I’m particularly excited about the sessions focused on AI and its implications for data privacy. The insights from the returning speakers and the discussions on real-world applications from the likes of Kasia Gawlik will be enlightening. Additionally, I look forward to the panel on cross-border data transfers, as it’s a pressing issue for many organizations navigating different regulatory environments.
One last question, if we can look into our crystal ball, how do you see the data protection landscape evolving in the next few years? Are there any specific industry trends you find concerning?
Looking ahead, I foresee increased emphasis on AI ethics and data privacy, as well as more stringent global regulations. One concerning trend is the potential for regulatory fragmentation, which could create compliance challenges for multinational organizations. However, this also presents an opportunity for the industry to innovate and develop more robust data protection frameworks.
Furthermore, one of the most pressing challenges we face today is the complex geopolitical landscape and the escalating frequency of cyberattacks, including cyberterrorist attacks targeting both our organizations and those of our partners. These threats underscore the importance of robust cybersecurity measures and the need for continuous vigilance in protecting, inter alia, personal data.
Finally, as consumers become more aware of their privacy rights, there will be increasing pressure on businesses to demonstrate accountability and transparency in their data practices.
In today’s environment, investing in privacy compliance is not just a regulatory necessity but a strategic imperative. Organizations that prioritize privacy are better positioned to build trust with their customers and employees and mitigate risks. Consequently, the role of privacy professionals has never been more critical. They (we) are essential in navigating the complex regulatory landscape, ensuring compliance, and fostering a culture of privacy within our organizations.
Thank you so much Victor for taking the time to speak with us! We can’t wait to continue the conversation further in Berlin on the 24th and 25th of October. See you soon!
Thank you! I’m looking forward to it as well. See you in Berlin!