Privacy Engineering Insights

Research and analysis on EU regulatory affairs, AI governance, and data protection.

Data Protection Day 2026: Can Regulatory Frameworks Keep Up with Online Tracking?

Rob van Eijk·2026·10 min read

This recap covers two related events from January 2026: (A) panel discussion in five parts and (B) privacy-enhancing technologies in digital advertising. What emerges from both is a central challenge: (C) looking ahead, enforcement must catch up with innovation, and regulators must understand the technical realities they aim to govern. On Data Protection Day 2026, Rob van Eijk (Future of Privacy Forum) moderated a panel examining whether regulatory frameworks can effectively address the rapidly evolving online tracking landscape. The European Data Protection Supervisor (EDPS) and the Council of Europe organized the event. The panel brought together Rosa Barcelo (McDermott Will & Emery), Itxaso Domínguez de Olazábal (EDRi), and Cristiana Teixeira Santos (Utrecht University). The discussion surfaced fundamental tensions in Europe's approach to digital privacy. You can watch the panel recording on YouTube. During the same week, the Lisbon Council hosted a High-Level Working Lunch examining privacy-enhancing technologies in digital advertising. The invitation-only gathering brought together stakeholders from industry, civil society, and regulators. Participants explored whether PETs represent a workaround to privacy rules or a path forward for European competitiveness.

OECD Consent Technologies Roundtable: Opening Remarks on the Evolution of Consent

Rob van Eijk·2025·5 min read

This recap covers my panel moderation at the OECD Consent Technologies Roundtable held in Paris on March 18, 2025. My opening remarks framed the discussion around key tensions and challenges in the rapidly evolving consent management space, focusing on the evolution from basic website analytics to today's complex multi-party tracking ecosystem. The moderation addressed three critical challenges facing consent management: the fundamental imbalance between granting and revoking consent (Consent vs. Revocation Asymmetry), the tension between interface simplicity and meaningful user control, and the complex problem of signal interpretation when multiple consent indicators conflict. The discussion emphasized the promise of standardization while acknowledging the need to balance simplicity against nuanced privacy choices and the concept of 'privacy in numbers' through uniform signals.

Privacy & Generative AI Symposium Recap

Rob van Eijk·2023·7 min read

This blog post summarizes key insights from the Privacy & Generative AI Symposium organized by the Office of the Privacy Commissioner of Canada on December 7, 2023, where I participated on behalf of The Future of Privacy Forum. The event featured a keynote by Gary Marcus examining AI's limitations and risks, followed by three panel discussions covering AI technology opportunities, governance challenges, and human rights considerations. The symposium provided critical perspectives on AI's disconnect from reality, data leakage risks, and the misalignment between corporate profit motives and global interests. Discussions emphasized the need for transparent AI development practices, controlled access to AI technology, and the importance of including independent scientific voices in policy decisions to ensure responsible AI governance.

Addressing Bias in AI Systems: A Holistic Approach to Detection, Reporting, and Mitigation

Eijk R. van·2023·9 min read

This blog post summarizes insights from a Future of Privacy Forum workshop on Privacy Preserving Machine Learning (PPML) held on May 25, 2023, where experts from Holistic AI presented on performing bias assessments in AI systems. The post explores practical approaches to identifying and addressing unfair treatment in machine learning applications used in recruitment, judicial systems, and other critical domains. The content covers five key questions for bias assessment, a three-phase cyclical framework (assessment, reporting, and mitigation), and the challenges posed by data collection regulations like GDPR and NYC Local Law 144. Special attention is given to intersectionality considerations and the trade-offs between performance, privacy, and fairness in AI system development.

Microtargeting: On the critical connection between ethics and ad-technology

Eijk R. van·2023·13 min read

This blog post presents the complete transcript of my keynote address delivered at the EDAA Summit 2023 on November 14, 2023, titled "Ethics in Technology: The Way Forward for Online Advertisers." The presentation examines the ethical and legal complexities of microtargeting in online advertising, particularly focusing on political campaigns and data protection violations discovered in Dutch political parties' websites during the 2023 parliamentary election. The keynote addresses the roles and responsibilities of three main actors in the digital advertising landscape: publishers, advertisers, and platforms. Drawing from research conducted with the Dutch Broadcasting Foundation NOS, the presentation reveals significant cookie law violations by major Dutch political parties and explores the broader implications for democratic processes, data protection, and the need for ethical advertising practices that respect privacy rights and democratic values. An update section discusses subsequent developments, including the Dutch DPA's firm response to these violations and the enactment of EU Regulation 2024/900 on political advertising transparency.

Accessibility
Cookie Policy
Privacy

Copyright © 2019 - 2026 Team Blaeu. Content is licensed under CC BY 4.0 unless otherwise noted. Team Blaeu is a registered trading name of Blaeu Privacy Response Team B.V.