FPF Training Program:
Data Protection by Design & by Default

Oct. 25 | 17:00-18:30 CET, 11AM-12:30PM ET


FPF’s Training Program provides an in-depth understanding of today’s most pressing privacy and data protection topics. FPF staff experts design the sessions for professionals who develop policies for their organizations, work with clients on complex privacy issues, or those interested in emerging privacy topics.

On 17 May 2023, the Future of Privacy Forum launched a Report on the enforcement of the EU’s GDPR Data Protection by Design and by Default (DPbD&bD) obligations, which are outlined in Article 25 GDPR. The Report draws from more than 92 data protection authority (DPA) cases, court rulings, and guidelines from 16 EEA member states, the UK, and the EDPB to provide an analysis of enforcement trends regarding Article 25.

GDPR’s DPbD&bD obligations are seen as a tool to enhance accountability for data controllers, implement data protection effectively, and emphasize the proactive implementation of data protection safeguards. Therefore, this FPF training session can become a valuable roadmap for anyone wishing to understand how DPAs perceive Article 25 GDPR obligations.

The session will cover topics including:

  • The controllers’ responsibilities when engaging with third-party product and service providers;
  • Whether cost-based justifications can be used to avoid choosing a state-of-the-art measure;
  • The role of organizational measures amid the use of technical ones and what it means to choose a measure that is appropriate and effective;
  • How Article 25 GDPR is relevant to all sectors and processing activities, from those involving cutting-edge technology to straightforward ones. For instance, ensuring the data accuracy principle from the beginning of a data processing lifecycle can be particularly relevant for controllers of AI systems;
  • The interrelationship between DPbD&bD and Privacy Enhancing Technologies (PETs) to explore whether the latter can be used as a means towards reaching compliance with Article 25 of the GDPR

Please note the session start time is CET timezone: 17:00-18:30 CET; 11AM-12:30PM ET

After completing each training course, you will receive a digital badge from Credly that can be shared on your professional network as a mark of the skills you’ve acquired.

Government/Non-Profit Rate
FPF Member
Non-Member Rate

Cancellation Policy

Cancellations will be honored, minus our vendor’s processing fee, up to 3 days prior to the session. For cancellations after that date, we will honor the registration for the next scheduled date of this session or an alternate FPF training class.

Training Faculty

Dr. Rob van Eijk

Managing Director for Europe, Future of Privacy Forum

Rob van Eijk serves as the Future of Privacy Forum’s Managing Director for Europe. In this role, van Eijk implements FPF’s agenda in Europe, overseeing its day-to-day operations, and managing relationships with stakeholders in the industry, government, academia, and civil society. Read his full bio.

Christina Michelakaki

Policy Fellow for Global Privacy, Future of Privacy Forum

Christina Michelakaki is a Policy Fellow for Global Privacy at the Future of Privacy Forum (FPF). She is following global trends in data protection and privacy laws around the world but also focuses on European and national case law, recent academic research, guidelines, and decisions from the European Data Protection Board and national Data Protection Authorities. Read her full bio.