Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

EU: ENISA summarises discussions at 10th Annual Privacy Forum

The European Union Agency for Cybersecurity ('ENISA') published, on 24 June 2022, a statement celebrating 10 years of its Annual Privacy Forum ('APF'), summarising key topics discussed at the APF 2022 in Warsaw. In particular, ENISA outlined that artificial intelligence ('AI'), data sharing, and Privacy by Design were top data protection and cybersecurity topics. More specifically, ENISA highlighted that AI systems may process personal information independently without taking into account compliance with the data protection principles under the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'), which may lead to unexpected consequences and impacts for individuals. Furthermore, ENISA clarified that risks to privacy posed by rapid advancement of digital solutions require an approach which addresses evolving technological and legal challenges, such as:

  • the rule-based use of large AI models;
  • definition of criteria for trustworthiness in the technologies used;
  • increasing power of large platforms to predict data subject behaviour and considering a rule-based approach on collected data;
  • a collaboration strategy between data protection authorities;
  • preserving privacy when data sharing; and
  • new tools to adequately respond to new emerging EU regulations such as the Digital Services Act, Digital Markets Act, the AI Act, and the Directive on Security of Network and Information Systems ('NIS2 Directive'.

Additionally, ENISA stated that, if Privacy by Design is applied in cookie banners, banners for third party cookies especially should pay particular attention to explaining the purposes of usage rather than technology-based explanations.

You can read the press release here.