Welcome to my personal page!
I'm Rob van Eijk, the Founder and CEO of Blaeu Privacy Response Team B.V. (Team Blaeu), a consultancy specialized in legal aspects of data architectures and complex data flows. I am also the Managing Director for Europe at the Future of Privacy Forum (FPF). In this role, I lead FPF's operations in Europe , have established a dedicated team in Brussels, and continuously engage with key stakeholders.
Before joining FPF, I spent nearly a decade at the Dutch Data Protection Authority. There, I served as a Senior Supervision Officer and (Lead) Technologist. I've had the privilege of representing the Dutch DPA at various international forums, such as the Technology Expert group of the European Data Protection Board (EDPB), the Article 29 Working Party (WP29), and twice as a technical expert in court (ECLI:NL:RBDHA:2016:14088 ). I took an active role in major multi-stakeholder negotiations concerning digital privacy standards on behalf of European Data Protection Authorities.
My background is rooted in technology, and I've earned an M.Sc. from the Leiden Institute of Advanced Computer Science and a Ph.D. from Leiden Law School , where I delved into online advertising and real-time bidding. From 2021 to 2023, I expanded my horizons as a guest professor at Leiden University, sharing my insights on Explainable AI at the Leiden Centre of Data Science and contributing to the Leiden Legal Technologies Program .
Outside of work and academia, I'm passionate about cycling and open-water swimming. I've completed renowned cycling challenges like Liège-Bastogne-Liège and the Marmotte Granfondo Alpes on two occasions. I also had the honor of chairing the organizing committee for the first-ever Dutch Student Championships 1/4-triathlon.
This page is updated regularly and contains an overview of my work divided into two sections: tiles with Highlights and a tabular overview of Publications & Other Work . For a quick preview or to get a taste of a cross-section of my work, I recommend looking at the tabs Popular and Media . The tab Popular contains links to, e.g., a mobile/web application, infographics, and recordings of interviews for television, radio, and podcasts. The tab Media contains links to quotes in magazines and newspapers.
The keynote speech focuses on critical issues in digital advertising and data protection, addressing concerns like microtargeting in political campaigns, unlawful data collection, and cookie compliance, particularly in the context of the 2023 Dutch elections. It also delves into broader topics such as the roles of various stakeholders, regulatory responses, privacy concerns with tools like Google Analytics, ethical considerations in personalized advertising, and the role of social media in ensuring fair and unbiased ad distribution. (image created by DALL-E, OpenAI's image generation model)blogpost
Several Dutch political parties, including BoerBurgerBeweging (BBB), Forum for Democracy (FvD), SGP, and Volt, have been found to violate privacy laws by improperly placing tracking cookies on their websites without user consent. This finding, according to NOS research and confirmed by cookie expert Rob van Eijk, reveals that these cookies, intended for personalized advertising, are placed before users give permission, which breaches laws established in 2012. BBB, FvD, and Volt acknowledged the errors and are working on rectifications, while the SGP has not yet responded. The Dutch Data Protection Authority, alarmed by these violations, is seeking explanations from the involved parties. Additionally, parties like D66 and CDA also encountered issues for using external cookies and have promised to resolve them. This situation underscores the broader challenge of ensuring digital privacy in political campaigning.quote in magazine/newspaper
Hyper-Nudging: fantasy or realistic fiction? I took part in the Plutopia News Network Podcast alongside Contributing Editor Wendy M Grossman, Jon Lebkowsky, and Scoop Sweeney. We touched upon digital advertising, AI's role in ads, and the intriguing concept of 'hyper-nudging' when A/B testing meets state of the art machine learning. In essence, 'hyper-nudging' is about using real-time data analysis, e.g., A/B-testing, and fine-tuned foundation models to 'nudge' users towards certain actions or decisions in the digital world. This nudge is based on a deep understanding of the user's behavior and preferences, making it hyper-personalized. The concept is particularly significant in the realm of online advertising, where brands are constantly trying to capture the attention of users and influence their buying behaviors. (image created with Bing Image Creator)podcast
On 25 May 2023, the Future of Privacy Forum organized a workshop on the state-of-play of Privacy Preserving Machine Learning (PPML). Lindsay Carignan, Head of Customer Success at Holistic AI, and Nigel Kingsman, AI Audit and Assurance Office at Holistic AI, took the floor with a presentation on the question: how to perform a bias assessment? To better understand potential bias, five key questions were proposed: What is the data's provenance? How representative is the data? Is the data balanced? Has intersectionality been considered? Are sensitive attributes present in the data? The presenters were tasked to explain a complex technical topic to a non-technical audience. This blog post summarizes what I learned and elaborates on some of the key concepts presented. (image license: Andrey Popov/Shutterstock.com)blog post
Nieuwsuur (News Hour) is the leading Dutch current affairs television program broadcasting daily at 9.30 pm with an average of 570,000 viewers. I contributed (in Dutch) on behalf of Future of Privacy Forum to a news item on the state of play of ad fraud in the Dutch advertising market. I argue that when I look at the state of the art of ad-fraud technology, it is fair to say that the cat and mouse game is not linear. Much remains undetected. The criminals are winning as long as they can develop more intelligent algorithms that stay under the radar. Online ad fraud has existed for years but used to be committed mostly with click farms. Nowadays, criminals are using computer programs and algorithms that increasingly imitate human click behavior.television interview [23m37s - 30m42s]
Nieuwsuur (News Hour) is the leading Dutch current affairs television program broadcasting daily at 9.30 pm. I contributed (in Dutch) on behalf of Future of Privacy Forum to a news item on the European Digital Green Certificate. New European legislation is being prepared for (1) the issuance, (2) the verification, and (3) the acceptance of interoperable certificates on (a) vaccination, (b) testing, and (c) recovery to facilitate free movement during the COVID-19 pandemic (EU Digital Green Certificate). The interview provides (a beginning of) an answer to the question: to what extent can the Digital Green Certificate help us open up borders while mitigating the risk of the spread of the COVID-19 virus?television interview [00m00s-13m35s]
Max Meldpunt (News Hour) is a Dutch current affairs television program broadcasting weekly at 7.20 pm. I contributed (in Dutch) on behalf of Future of Privacy Forum to a news item on Personal Health Apps connecting to a Health platform (Persoonlijke Gezondheids Omgeving). The medical technology (Medtech) infrastructure allows data subjects to view patient records (from their family doctor) and medication history (from their pharmacy) under their right of access and right of data portability. I zoom in on privacy aspects of the network of Medtech providers connecting the family doctor's information systems to portal backends and app provider frontends.television interview [11m28s-25m06s]
NOS OP3 created a mobile/web application visualizing online advertising. I provided detailed background information on the intricacies of online advertising (real-time bidding). We explain (in Dutch) digital advertising to young digital natives with this web application. Behavioral advertising is possible because you have given your consent through a cookie banner. How does the ad sale work? In the interactive story, we'll show you the world that comes into effect when you click the 'Agree on cookies' button.mobile/web application
We crawled 1,500 European, American, and Canadian websites from 18 countries. We detected cookie notices on 40% of websites in our sample. We treat the presence or absence of cookie notices and visual differences as proxies for differences in privacy rules. Using a series of regression models, we find that the website's Top Level Domain explains a substantial portion of the variance in cookie notice metrics. Still, the users' vantage point does not. It suggests that websites follow one set of privacy rules for all their users. This finding has one exception: cookie notices differ when accessing .com domains from inside versus outside of the EU.conference paper: refereed
Tracking cookies and similar tracking techniques are nowadays omnipresent on the internet. Many popular online services are made possible due to online advertisements. When you are about to book a last-minute holiday online, you may experience that your purchase intention follows you on other websites. To understand online advertising (or Real-Time Bidding), we provide a literature review of online-tracking technologies and propose a new paradigm for Web Privacy Measurement (WPM).article in journal
In this contribution (in Dutch) to the lustrum bundle, we present insights from the thesis that are important for answering the following main legal question: Is the online user provided with clear and complete information in accordance with the Telecommunications Act (Tw) and the General Data Protection Regulation (AVG)? The emphasis is on (1) the purposes for which this information is used and (2) the degree of consent given by the user (compare article 11.7a paragraph 1).book chapter
In the doctoral thesis, I investigate the advertisements online that seem to follow you. The thesis shows that the data cause the interconnection between partners in an RTB network flows of the ad tech companies due to their specializations in ad technology. By applying network science algorithms, I arrive at measuring the privacy component of RTB. Furthermore, I show that a Graph-Based Methodological Approach (GBMA) controls the situation of differences in consent implementations in European countries.book
NOS Journaal is the news program of the Dutch public broadcast services (NOS). The eight o'clock news is the most important and also the longest daily bulletin broadcasted at 8 pm with an average of 1,810,000 viewers in 2013. I contributed (in Dutch) to a news item on Real-Time Bidding. I was still at the early stages of my Ph.D. research: collecting data by crawling national and regional news websites in Europe. The main argument of my contribution that made the headlines was that the number of third parties tracking online user behavior increased at an alarming rate. The recording was when Real-Time Bidding was catching on in the European market and the call for stricter European rules became louder.television interview [0m0s - 1m12s]
I was interviewed for an article on Real-Time Bidding against the background of technological breakthroughs in online advertising. The interview took place after one year of negotiating improvements for privacy online in the Tracking Protection Working Group of the World Wide Web Consortium. The article also led to an item by the Dutch public broadcast services (NOS) on Dutch television: 'Trading advertisements in a split second.' The fact that specialized companies traded ads in a fraction of a second was still unknown to the general public.quote in magazine/newspaper
I enjoy teaching and interacting with a group. Below you find five categories of teaching activities, i.e., students I co-supervised (A), contributions as guest professor to academic teaching programs (B), contributions to summer schools (C), academic guest lectures (D), and contributions to professional learning programs (E).