The 2020 Brussels Privacy Symposium is the fourth-annual academic program jointly presented by the Brussels Privacy Hub of Vrije Universiteit Brussel (VUB) and the Future of Privacy Forum (FPF) and is a global convening of practical, applicable, substantive privacy research and scholarship. This year the event is organised by Professor Dr. Gianclaudio Malgieri, in representation of the Brussels Privacy Hub, and Dr. Gabriela Zanfir-Fortuna, in representation of the Future of Privacy Forum, where she is Senior Counsel.

Special guests will be the European Data Protection Supervisor (Dr. Wojciech Wiewiórowski) and the European Commission delegate to work at Data Governance reform (Dr. Malte Breyer-Katzenberg).

On December 2, 2020, the fourth iteration of the Brussels Privacy Symposium, “Research and the Protection of Personal Data Under the GDPR”, will occur as a virtual international meeting where industry privacy leaders, academic researchers, and regulators will discuss the present and future of data protection in the context of scientific data-based research.

The symposium will take place virtually on December 2, 2020, from 14:00 – 17:00 (CET), which is 8:00 – 11:00AM (ET).

To reserve your spot, register here.

This is a special moment to bring together thought leaders and regulators in data protection and privacy and competition law.

The COVID-19 pandemic has brought to the fore the crucial role that data collection, analysis, sharing, and dissemination play for governments, academic institutions, and private sector businesses racing to advance research to help contain, mitigate and remedy the disease. It also illustrates that data protection safeguards are essential to build public trust for the swift adoption of data-based solutions that respect fundamental rights. But the effect of privacy and data protection laws on scientific research extends beyond the pandemic and healthcare. The interactions between data protection and research are complex, with privacy and data protection enhancing individuals’ trust and ensuring respect of fundamental rights and ethical standards, while at the same time creating friction for data sharing across organizations and borders.

The EU General Data Protection Regulation (GDPR) provides a tailored framework for processing personal data for research purposes, which allows for differences in implementation at the Member State level and presents questions about the interpretation and implementation of issues such as the scope of research; repurposing personal data, including sensitive data; researchers’ access to corporate databases; sharing data across international borders; and the use of data protection enhancing techniques such as key coding and pseudonymization. Other legal frameworks, including emerging US privacy laws, call for the creation of ethical review boards for data research in organizations, including businesses that have not traditionally adhered to ethical standards such as the Common Rule. In this year’s Brussels Privacy Symposium (which will take place online), leading ethicists, scientists, lawyers, and policymakers discuss the present and future of data protection in the context of scientific data-based research under the GDPR.

Symposium Agenda

A detailed agenda can also be accessed here.

14:00-14:15 (CET) – Introduction from the co-hosts

  • Jules Polonetsky, FPF
  • Prof. Christopher Kuner, VUB

14:15-14:45 (CET) – Opening Keynote

  • Malte Breyer-Katzenberg, DG CONNECT, European Commission
  • Invited Guest Speaker (TBC)

14:45-15:45 (CET) – Complex Interactions: the GDPR, Data Protection and Research

The GDPR provides safeguards and derogations relating to the processing of personal data for scientific research purposes. At the same time, the framework limits the collection of sensitive data and its sharing across organizations and national borders.

In an era when EU institutions and international organizations advocate for data philanthropy and the sharing of personal data for compelling public interest grounds, legal frameworks must strike a delicate balance between public interests and individual rights. How do experts assess the interactions between scientific progress and the protection of rights under the GDPR? What have the effects of GDPR been on research in academic and corporate settings? Against the backdrop of the COVID-19 pandemic, this session explores whether GDPR has facilitated or hindered data research for healthcare purposes as well as in a broader context.


    • Gianclaudio Malgieri, Associate Professor EDHEC Augmented Law Institute (Lille); Affiliated Researcher LSTS VUB


    • Claire Gayrel, EDPS
    • Dara Hallinan, FIZ Karlsruhe – Leibniz Institute for Information Infrastructure
    • Ciara Staunton, School of Law, Middlesex University, London and Centre for Biomedicine, EURAC, Bolzano, Italy
    • Henrik Junklewitz, JRC, European Commission

15:45-16:00 (CET) – Break

16:00-17:00 (CET) – Using Sensitive Data in Research to Counter (Hidden) Bias and Discrimination

Scientific research often depends on the broad collection, use, and sharing of special categories of data. In the context of COVID-19, organizations may study not only individuals’ health, but also data about the geolocation, proximity, genetics, biometrics, and racial and ethnic origins of entire populations. While research often entails the processing of sensitive data, and hence presents privacy risks, it can also unearth covert bias and discrimination (for example, in the context of education, credit, housing, criminal justice and more). In this session, experts discuss the scope of the definition of sensitive data as well as the rules that should apply to the processing of sensitive data in the research arena. How can researchers ensure data based practices minimize privacy risks while at the same time not glossing over existing societal imbalances? What are the risks that methods such as differential privacy obfuscate underlying inequities? How will organizations use sensitive data to unearth and counter hidden bias and discrimination without abusing their access to such information? Where are the bounds of ethical data research in corporate environments, including healthcare, financial, advertising, and digital platforms?


    • Gabriela Zanfir-Fortuna, Senior Counsel FPF, Affiliated Researcher LSTS VUB


    • Elettra Ronchi, Organisation for Economic Co-operation and Development
    • Paul Quinn, VUB
    • Heng Xu, American University
    • Knut Mager, Novartis

17:00 – 17:15 – Closing Keynote

Dr. Wojciech Wiewiórowski, European Data Protection Supervisor

In its January 2020 Preliminary Opinion on data protection and scientific research, the EDPS recommends intensifying the dialogue between DPAs and ethical review boards for a common understanding of which activities qualify as scientific research, on codes of conduct for scientific research, and on closer alignment between EU research framework programs and data protection standards. In his keynote comments, the EDPS discusses the report and reflects on the day’s sessions.