We were pleased to be joined by a diverse group of experts bringing different perspectives to the workshop: Koen Gorissen, President of the Belgian Data Protection Authority; Prof. Dr. Eva Lievens, Professor of Law & Technology at Ghent University; Nicholas Knoop, Data Protection Officer at HubSpot; Gabriela Mercuri, Managing Director of SCOPE Europe, who moderated the session.
The session explored key insights from the European Commission’s Second Report on the Application of GDPR and how they translate into practice. Participants touched on recurring implementation challenges, including divergent interpretations, enforcement timelines, and the need for more tailored, sector-specific guidance.
One of the key themes was the value of co-regulatory tools—such as codes of conduct and certification mechanisms—in bridging gaps between regulators and industry to drive compliance. These tools were seen as especially helpful in clarifying compliance expectations, with the potential to support SMEs and being adaptable to the growing complexity of overlapping regulations.
The workshop also addressed:
- The need for clearer, more accessible guidance—particularly for smaller organizations.
- Aligning the GDPR with emerging digital regulations, including the AI Act - as some of the most pressing challenges in the coming years.
- The importance of practical cooperation across supervisory authorities and between public and private sectors to ensure consistency and effectiveness.
- The potential of codes of conduct to support responsible data use in other domains like AI and international data transfers.
We’re grateful to everyone who participated in the workshop, contributing to a rich and insightful exchange!
