Gabriela Zanfir-Fortuna

Vice President for Global Privacy

> About > Staff > Gabriela Zanfir-Fortuna

Dr. Gabriela Zanfir-Fortuna is the Vice President for Global Privacy at the Future of Privacy Forum, where she leads the work on Global privacy developments and counsels on EU data protection law and policy, working with all FPF’s offices and partners around the world. She created and curates FPF’s Global Privacy blog series.

Gabriela currently serves as a member of the Reference Panel of the Global Privacy Assembly, and she is also a member of the Executive Committee of the ACM FAccT (Fairness, Accountability and Transparency) Conference, since 2021. She is a member of the European Digital Media Observatory (EDMO) Working Group on Access to Platform Data, working on the creation of a Code of Conduct on access to platform data under Art. 40 of the GDPR. 

As a data protection and privacy law expert, Gabriela recently testified for the FTC on data portability and for the European Parliament’s LIBE Committee on the EU’s proposed Data Governance Act. 

Prior to moving to the US in 2016, she worked for the European Data Protection Supervisor in Brussels, being part of the team that advised the EU legislator on the GDPR during its legislative process. She dealt with both enforcement and policy matters, was a member of the EDPS litigation team appearing before the Court of Justice of the EU, as well as actively participated in the work of the Article 29 Working Party. She worked on the assessments of both the draft EU-US Privacy Shield and the draft EU-US Umbrella Agreement during her time at the EDPS and the Article 29 Working Party.

She previously served as a Program Chair (Law) for the ACM FAccT 2020 and as a member of the Program Advisory Committee for the ICDPPC 2019 Conference in Tirana. She was also a member of the Program Committee of PLSC Europe, CPDP – academic track, ACM – AIES 2020, and the ENISA Annual Privacy Forum. She served as a Project Scientist supporting the IoT Privacy Infrastructure Project within the Institute for Software Research of Carnegie Mellon University (2019 – 2020).

Gabriela holds a PhD in law (2013, University of Craiova) with a thesis on the rights of the data subject from the perspective of their adjudication in civil law and an LLM in Human Rights (2010), after obtaining her law degree at the same university (2009). She is also an associated researcher with the Law, Science, Technology and Society Center at Vrije Universiteit Brussel. 

Gabriela is a contributor-author to ‘The EU General Data Protection Regulation – A Commentary‘, edited by C. Kuner, C. Docksey and L.A. Bygrave, Oxford University Press, 2020 (on Articles 13, 14, 15, 21 and 82). She is also the author of the volume ‘Protecția Datelor Personale. Drepturile Persoanei Vizate‘, C.H. Beck, Bucharest, 2015.

Author: Selected Work

2021 forthcoming: “Data Protection and Competition Law: The Dawn of ‘Uberprotection’”, Chapter in Research Handbook on Privacy and Data Protection Law: Values, Norms and Global Politics, G. González Fuster, R. van Brakel and P. De Hert (eds.), Edward Elgar Publ’g, co-authored with Sinziana Ianc.

2021: “China’s new comprehensive data protection law: Context, stated objectives, key provisions”, co-authored with H. Dorwart and C. Girot for the Future of Privacy Forum’s Blog.

2021: Article 16 TFEU – Commentary, in “The Treaty on the Functioning of the European Union. A commentary”, H.-J. Blanke and S. Mangiameli (eds.), Springer, co-authored with Christopher Docksey.

2020: co-author of “The EU General Data Protection Regulation: A Commentary” edited by C. Kuner, L. A. Bygrave, C. Docksey, Oxford University Press (Articles 13, 14, 15, 21 and 82).   

2020: “America’s ‘Privacy Renaissance’: What to expect under a new presidency and Congress’”, Ada Lovelace Institute’s Blog. 

2018: “Data Protection by Design and by Default: Framing Guiding Principles into Applicable Rules”, co-authored with I. Kamara, L. Jasmontaite and S. Leucci, European Dara Privacy Law Review 2.

2016: “A missed opportunity: The Amazon case that almost made data subjects into consumers”, in European Data Protection Law Review, Volume 2, Issue 4.2015 (volume): “Protecția Datelor Personale. Drepturile persoanei vizate(Personal data protection. The rights of the data subject), C.H. Beck, Bucharest.

Posts by Gabriela

How Data Protection Authorities are De Facto Regulating Generative AI
Read More
EU’s Digital Services Act Just Became Applicable: Outlining Ten Key Areas of Interplay with the GDPR
Read More
The Digital Personal Data Protection Act of India, Explained
Read More
View More