News Item

Securing Personal Data in the Wake of AI

This year’s Annual Privacy Forum focused on pressing personal data protection challenges raised by the ever faster-paced developments witnessed today in digital technologies and legislative initiatives.

Published on June 01, 2023

Organised by the European Union Agency for Cybersecurity (ENISA) together with the directorate general of the European Commission for communications networks, content and technology (DG Connect) and the National Institute for Research in Digital Science and Technology (INRIA), the 2023 edition of the event took place in Lyon, France.

This 11th edition brought together a total of 26 speakers and over 400 participants both physically and remotely.

Panels of experts were given the chance to address some of the most pressing topics in relation to the securing of personal data, including:

  • Emerging Technologies for personal data protection;
  • Machine learning and personal data processing;
  • Personal data sharing under the European Data Strategy;
  • Promoting GDPR compliance and data subject rights.

European Union Agency for Cybersecurity, Executive Director Juhan Lepassaar, commented:ENISA has been analysing AI risks for the last 5 years. To prepare for a secure and trusted AI, the safeguards need to be in place. Today AI and in particular machine learning pose great challenges to data protection and privacy. Trust is what underpins the secure adoption and maturity of these technologies. Personal data protection measures are an impactful way to gaining this trust.”

Wojciech Wiewiorowski, European Data Protection Supervisor: “It would be reductive to not look at the benefits that AI can bring to society, such as faster decision making and easy-to-use automation. However, the risks to individual rights are significant and can have a profound impact on our democracies. By proactively addressing these risks, we can harness the potential of AI while safeguarding privacy rights. It is crucial to take action now to ensure responsible and ethical implementation of AI technologies.”

Challenges and opportunities: the conference’s key take-aways

  • Within the three panel discussions, regulators from EU Institutions, France, Spain and Norway together with policy makers and industry practitioners, debated on which are the data protection engineering challenges for the years to come, what is the role of Data Protection Authorities in the artificial intelligence era and the data protection prospects and contemplations when processing medical data in the post pandemic era.
  • Further to these discussions, invited speakers also elaborated on the AI regulatory approaches on artificial intelligence across the two sides of the Atlantic and how Zero Knowledge Proof technique can be deployed as a privacy enhancing technique in real life applications.

The Annual Privacy Forum was co-located and organised back to back with the EDPS IPEN workshop as part of their strategic cooperation and the Memorandum of Understanding signed between ENISA and the EDPS in 2022.  

Further Information

Relevant ENISA publications:

Other information:

About the Annual Privacy Forum

The Annual Privacy Forum (APF) has become a renowned forum among policy-makers, researchers and industry stakeholders in the area of privacy and personal data protection who join forces to advance information security. The forum is set against the EU legislative background that is mainly, but not exclusively, comprised of the GDPR and the draft ePrivacy Regulation. The event sets the stage for new research proposals, solutions, models, applications and policies. In the last few years, the forum has also developed a deeper industry footprint to complement its original research and policy orientation.

About the European Union Agency for Cybersecurity (ENISA)

The EU Agency for Cybersecurity has been working in the area of privacy and data protection since 2014, by analysing technical solutions for the implementation of the GDPR, privacy by design and security of personal data processing. The Agency has been providing guidance on data pseudonymisation solutions to data controllers and processors since 2018.


For press questions and interviews, please contact press (at)


This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies