On Data Protection Day 2026, organized by the European Data Protection Supervisor (EDPS) and the Council of Europe, I moderated a panel examining whether regulatory frameworks can effectively address the rapidly evolving online tracking landscape. The panel brought together Rosa Barcelo (McDermott Will & Emery), Itxaso Domínguez de Olazábal (EDRi), and Cristiana Santos (Utrecht University) for a discussion structured around five themes: the Digital Omnibus proposal's scope, shifts affecting Article 5(3) of the ePrivacy Directive's consent-first principle, contested analytics exceptions, practical consent mechanisms including machine-readable signals and dark patterns, and the emerging question of AI agents browsing and consenting on behalf of users. In a related session, the Lisbon Council hosted a High-Level Working Lunch on Privacy-Enhancing Technologies in Digital Advertising, exploring whether PETs represent a way around privacy rules or an important way forward for Europe's competitiveness.

This recap covers the panel moderation at the OECD Consent Technologies Roundtable held in Paris on March 18, 2025. The opening remarks framed the discussion around key tensions and challenges in the rapidly evolving consent management space, focusing on the evolution from basic website analytics to today's complex multi-party tracking ecosystem. The moderation addressed three critical challenges facing consent management: the fundamental imbalance between granting and revoking consent (Consent vs. Revocation Asymmetry), the tension between interface simplicity and meaningful user control, and the complex problem of signal interpretation when multiple consent indicators conflict. The discussion emphasized the promise of standardization while acknowledging the need to balance simplicity against nuanced privacy choices and the concept of 'privacy in numbers' through uniform signals.

This recap covers the Privacy & Generative AI Symposium organized by the Office of the Privacy Commissioner of Canada on December 7, 2023. The event examined the critical intersection of privacy and generative artificial intelligence, bringing together experts, policymakers, and industry professionals to discuss opportunities and challenges in rapidly evolving AI technologies. Gary Marcus delivered the keynote presentation, challenging prevailing assumptions about current AI systems and highlighting AI data leakage risks, transparency imperatives, and the need for independent scientific voices in policy discussions. Three expert panels explored generative AI technology opportunities and risks, governance frameworks and regulation, and the balance between innovation and human rights protection. Key themes included embedding ethical considerations throughout AI development lifecycles, treating privacy protection as foundational, and developing adaptive regulatory frameworks that can evolve with technology.

This summary covers key insights from the Future of Privacy Forum workshop on Privacy Preserving Machine Learning, held on May 25, 2023. The workshop focused on addressing bias in AI systems through practical frameworks for detection, reporting, and mitigation. Participants developed five critical questions for bias assessment: What is the data's provenance? How representative is the data? Is the data balanced? Has intersectionality been considered? Are sensitive attributes present in the data? The workshop emphasized that AI bias is not merely a technical problem but a socio-technical challenge requiring both algorithmic understanding and awareness of human social dynamics. Key insights included the importance of continuous vigilance in bias detection, the need for diverse perspectives throughout AI development lifecycles, and the recognition that effective bias mitigation requires systematic approaches that go beyond one-time assessments.

This is the complete transcript of my keynote address delivered at the EDAA Summit 2023 in Brussels, examining the intersection of ethics and technology in digital advertising, with particular focus on political microtargeting and democratic implications. The keynote addresses the roles and responsibilities of three main actors in the digital advertising landscape: publishers, advertisers, and platforms. Drawing from research conducted with the Dutch Broadcasting Foundation NOS, the presentation reveals significant cookie law violations by major Dutch political parties and explores the broader implications for democratic processes, data protection, and the need for ethical advertising practices that respect privacy rights and democratic values. An update section discusses subsequent developments, including the Dutch DPA's firm response to these violations and the enactment of EU Regulation 2024/900 on political advertising transparency.