Privacy, cybersecurity & AI: practical insights for 2026

https://privacyrules.com/wp-content/uploads/2023/03/Logo_PR-320x169.png
bt_bb_section_bottom_section_coverage_image

Explore privacy, cybersecurity & AI: practical insights for 2026 – Live on January 28, 2026

Explore the evolving intersection of data protection, cybersecurity, and artificial intelligence during our upcoming live event on 28 January 2026, which will unfold across two segments starting at 8:30 and 14:10 CET. Through seven focused sessions, leading experts from Europe, the Americas, Asia-Pacific, Africa, and the Middle East will offer practical insights into managing data breaches, class actions, AI governance, and sector‑specific compliance challenges. The program will address both foundational regulatory issues and industry-driven use cases—ranging from minors’ data and health data innovation to fintech risk management and AI in recruitment—equipping organizations with the strategic understanding needed to navigate the legal and operational realities of 2026 and beyond.

Agenda

Location:

Live online webinar
Class actions after data breaches: global perspectives and practical Insights: 8:30 - 9:15 (CET)

When a data breach occurs, class actions can quickly follow—but the way they unfold varies dramatically across jurisdictions. Starting from a case example inspired by a recent real-life incident this session will explore how class actions are initiated and managed in different legal systems. Our panel of experts will discuss:

  • The role of Data Protection Authorities versus courts in opening cases
  • How groups or classes are identified
  • Key risks for companies and claimants
  • Precedent cases shaping current practices
  • Gain a comparative view of the pros and cons of each mechanism and practical insights to navigate these complex proceedings.

Speakers:

  • Bartosz Sujeki, Lawyer at Van Diepen Van der Kroef (Netherlands)
  • HyeJin Hwang, Partner at DLG Law Corporation (South Korea)
  • Kelly Dickson, Principal Lawyer at Macpherson Kelley (Australia)
  • Trevor Fenton, Partner at Shakespeare Martineau (UK)
Mastering the unpredictable: legal, security and communication strategies : 9:15 - 9:50 (CET)

Managing a cyber crisis is never simple—and the best defense is preparation. This session explores why organizations must plan ahead to handle the intricate interplay of legal, security, and communication requirements when a breach occurs. Our experts will break down:

  • The legal obligations and timelines for reporting and compliance

  • The security measures needed to contain and investigate incidents

  • The communication strategies for managing public perception and regulatory engagement

  • How these three perspectives intersect and why coordination is critical

  • Practical steps to build a breach response plan that works under pressure

By the end, you’ll understand how to align legal, technical, and communication teams for a unified, effective response.

Speakers:

  • Charlotte Riley, Director for Information Security and Technology at CSS Assure (UK)
  • Padraig Walsh, Partner at Tanner de Witt (Hong Kong)
  • India Bednall, Director of Strategic Communication at FTI Consulting (Australia)
Digital omnibus under scrutiny: 10:00 - 10:45 (CET)

This session provides a concise overview of the Digital Omnibus proposal, highlighting the key legal uncertainties and interpretative challenges emerging across Europe. Beatriz Rodríguez Gómez (RocaJunyent, Spain), currently preparing an opinion for the EDPB, will outline the proposal’s main issues and the broader debates at EU level, where several points remain contested or lack a unified interpretation.

Building on this context, Gerald Trieb (Knyrim Trieb Attorneys at Law, Austria) will examine one of the most debated elements of the proposal: the redefinition of personal data. Drawing on the EDPS v SRB decision, he will explain the reasoning behind this shift, why it has sparked controversy, and what it could mean in practice for classification, risk assessment, and compliance.

Together, the speakers will shed some light on both the general legal challenges surrounding the Digital Omnibus and the specific controversy of the new personal data definition.

Speakers

  • Beatriz Rodriguez Gomez, Parnter at RocaJunyent (Spain)
  • Geral Trieb, Partner at Knyrym Trieb Attorneys at Law (Austria)
One internet, many childhoods: the global race to protect digital youth: 14:10 - 14:45 (CET)

As jurisdictions worldwide tighten regulations around underage users, legal departments must navigate a fragmented landscape of “best interests of the child” standards. This panel brings together top legal minds to dissect the practical implications of Brazil’s LGPD, India’s Digital Personal Data Protection Act (DPDPA), and the EU’s evolving standards.

From age verification hurdles to the nuances of parental consent, our experts will discuss:

  • Regional Nuances: How Brazil and India are shaping emerging models for protecting minors online.
  • The Industry Perspective: How a global gaming giant like Ubisoft balances creative play with rigorous data safety.
  • Enforcement Trends: What the recent shift in regulatory appetite means for multinational digital services.
This session is designed for professionals navigating global child‑data regulations, including legal, privacy, trust & safety, and digital product leaders.
Speakers
  • Luiza Sato, Partner at Tozzini Freire (Brazil)
  • Carla Guillemot, Senior Legal Counsel, DPO, at Ubisoft (France)
  • Stephen Mathias, Partner at Kochhar & Co. (India)
  • Sara Brandstätter, Data Privacy & Security Reporter at MLex
Use of health data for Innovation – an upcoming revolution?: 14:45 - 15:30(CET)

As we enter 2026, the global health sector is navigating a paradigm shift: the transition from viewing data as a static record to treating it as a dynamic engine for AI-driven innovation. However, this “revolution” faces significant hurdles in data sovereignty, intellectual property, and public trust.

In this session, Anushka Sachdev (Attorney at Timelex) will discuss if the European Health Data Space is setting a new global standard for secondary use. Moving to the Americas, Mariela de la Guardia Oteiza (Partner at Icaza, González-Ruiz & Alemán) will share how Panama is bridging regional digital gaps, while Sara Capillo (Corporate Governance Coordinator at Grupo Fleury) will explore how Brazil’s massive digital ecosystem balances rapid AI growth with intricate IP frameworks.

Beyond the theory, our experts will examine whether these frameworks are truly ready to support a sustainable, collaborative, and fair global health economy. Participants will walk away with a practical roadmap of the “user journey” for international health datasets—from data discovery to the steps required for compliance. 

Speakers

  • Anushka Sachdev, Attorney at Timelex (Belgium)
  • Sara Cepillo, Corporate Governance Coordinator at Grupo Fleury (Brazil)
  • Mariela de la Guardia Oteiza, Partner at Icaza, González-Ruiz & Alemán (Panama)
AI in fintech: risk management, compliance, and strategic readiness : 15:45 - 16:30 (CET)

Artificial Intelligence is transforming the fintech sector—but with innovation comes risk. This session brings together experts from North America (USA), Africa (Kenya), and the Middle East (Saudi Arabia) to explore how AI is reshaping financial services and what organizations must do to stay compliant and secure. Key discussion points include: 

  • Recent laws and regulatory frameworks impacting AI in fintech 
  • Current adoption stages in different regions—are these markets ready? 
  • Risk management essentials: what boards need to know before investing 
  • The DPO’s role in safeguarding privacy and ensuring compliance 
  • How misplaced privacy considerations can derail projects or investments 
  • Practical steps to assess and mitigate risks in AI-driven processes 

This session offers actionable insights for decision-makers and compliance professionals navigating the intersection of AI, finance, and regulation. 

Speakers:

  • Janet Othero, Managing Partner at Cavendrys (Kenya)
  • Muneeb Imran Shaikh, Information Security, Data Privacy and AI Governance Consultant (Saudi Arabia/Middle East)
  • Katelyn E. Moody, Lawyer at FBT Gibbons (USA)
AI in recruitment: frameworks, risks, and practical strategies: 16:30 - 17:05 (CET)

AI-driven recruitment tools are increasingly becoming part of everyday business reality. At the same time, their black-box and autonomous features create significant legal and ethical minefields. These challenges become particularly complex in cross-border recruitment contexts, where legal and regulatory approaches differ, though core ethical principles remain broadly shared. This session will address common issues associated with deploying AI solutions during recruitment. In particular, our experts will discuss: 

  • Key elements of the EU framework and compliance requirements 
  • Challenges in Canada where no specific AI recruitment framework exists 
  • How companies can navigate multiple frameworks simultaneously 
  • The role of AI governance frameworks as the foundation for responsible use in HR 
  • Risk assessment methods to ensure responsible AI use in hiring 

This session provides practical strategies and actionable guidance for organizations deploying AI in recruitment to avoid compliance pitfalls and manage legal and reputational risks. 

Speakers

  • Mike SwiftChief Global Digital Risk Correspondent at MLex
  • Kristen Pennington, Partner at McMillan (Canada)
  • Endre Varady, Partner at VJT Partners (Hungary)
The program is divided into two complementary parts

Part 1 – Cybersecurity & data protection essentials in 2026

Part 2 – Sector-specific scenarios on AI & Privacy

bt_bb_section_top_section_coverage_image
bt_bb_section_bottom_section_coverage_image

Understanding data protection, cybersecurity & AI in practice across global markets

As organizations worldwide accelerate their adoption of artificial intelligence and data-driven technologies, the challenges of data protection, cybersecurity, and regulatory compliance are becoming increasingly complex. This live event will bring together leading experts from across jurisdictions to explore how organizations can manage cyber incidents, navigate evolving regulatory frameworks, and apply AI responsibly across sectors. Through practical case studies and global perspectives, the event will examine breach response and class actions, the impact of the GDPR Digital Omnibus, and the legal, ethical, and operational implications of AI in areas such as children’s data, healthcare, finance, and recruitment.

Your opportunity to engage and learn

Join dynamic, comparative discussions that explore how organizations and regulators across jurisdictions worldwide are addressing the legal, security, and ethical challenges of data protection, cybersecurity, and artificial intelligence. These sessions are designed to deliver practical, actionable guidance to help organizations manage cross-border compliance, respond effectively to cyber incidents, and strengthen governance frameworks across sectors.

Connect with leaders and experts

Gain valuable insights from top privacy and cybersecurity experts, connect with professionals across the region, and explore strategies to ensure your organization stays ahead of regulatory developments and public expectations surrounding biometrics.

Register here

Confirmed speakers

https://privacyrules.com/wp-content/uploads/2026/01/Website-pic-2026-01-18T192507.609.png

Partner at DLG Law Corporation (South Korea)HyeJin Hwang

Iris Hwang is a partner and a licensed patent attorney at DLG Law Corporation. She earned dual degrees in French Language and Information Culture Studies from Seoul National University and obtained her J.D. from Yonsei University Law School. With a multidisciplinary background in the humanities, digital media, and law, she brings a nuanced perspective to complex legal issues across industries.

Her expertise spans the content, entertainment, and e-commerce sectors, with a strong focus on IP licensing, content distribution, investment, M&A, copyright and trademark disputes, privacy compliance, and digital commerce.

https://privacyrules.com/wp-content/uploads/2024/11/Website-pic-12.png

Partner at Van Diepen Van der KroefBartosz Sujeki

Bartosz Sujecki, PhD, is partner at Van Diepen Van de Kroef Advocaten in Amsterdam, Netherlands. He is the head of the IP/IT department of Van Diepen Van de Kroef Advocaten. He is admitted to the Dutch and the German Bar and specializes in the field of intellectual property, IT-law and tech related commercial litigation.

Bartosz Sujecki studied German and Dutch law at the Leibnitz Universität Hannover, Germany, the Rijksuniversiteit Gronigen, the Netherlands, and the Universiteit van Amsterdam. In 2008, he has obtained a PhD on a comparative study on the introduction of electronic court proceedings from the Universiteit Utrecht.

https://privacyrules.com/wp-content/uploads/2026/01/Website-pic-copy-2.jpg

Principal Lawyer at Macpherson Kelley (Australia)Kelly Dickson

Kelly Dickson is the Managing Principal Lawyer of Macpherson Kelley’s Dandenong (Victoria, Australia) office.  Macpherson Kelley is a full service Australian commercial law firm, committed to providing law fit for business, with offices in Victoria, New South Wales and Queensland.

Kelly holds over 17 years of professional experience within the commercial legal sector, particularly in the commercial and trade aspects.

https://privacyrules.com/wp-content/uploads/2023/09/Website-pic.jpg

Chief Global Digital Risk Correspondent at MLex Mike Swift

Mike is an award-winning journalist who has been at the forefront of covering data, privacy and cybersecurity regulatory news for more than a decade. As the Chief Global Digital Risk Correspondent for MLex, in addition to reporting, he coordinates MLex’s worldwide coverage in the practice area.

Formerly chief Internet reporter for the San Jose Mercury News and SiliconValley.com, Mike has covered Google, Facebook, Apple, Microsoft, Twitter and other tech companies and has closely tracked technology and regulatory trends in Silicon Valley. He has wide ranging expertise from the business of professional sports to computer-assisted reporting. A former John S. Knight Fellow at Stanford University, he is a graduate of Colby College.

https://privacyrules.com/wp-content/uploads/2024/10/Website-pic-2024-10-06T223024.939.png

Data Privacy & Security Reporter at MLexSara Brandstätter

Sara is a correspondent at MLex, in the Data Privacy & Security team in Brussels, where she covers topics such as content moderation, child safety online and data privacy issues. Before joining MLex, she worked at the ORF correspondent’s office in Brussels and as a freelance journalist for various Austrian news outlets, where she covered politics and social issues. She was named one of Austria’s best 30 under 30 journalists in 2024. Sara holds a degree in Communication Science from the University of Vienna and an international master’s degree in Journalism, Media and Globalisation.
https://privacyrules.com/wp-content/uploads/2022/01/Website-pic-24.png

Partner at Shakespeare Martineau (UK)Trevor Fenton

Based in Edinburgh, Trevor is triple-qualified as a solicitor in Scotland, England & Wales, and as a barrister and solicitor in British Columbia (non-practising status). He is a Law Society of Scotland Certified Specialist in Cyber Security and has the certifications CIPP/E and CIPM.

Trevor advises clients on data protection and privacy (especially GDPR and PECR), commercial contracts and small business mergers and acquisitions.

Clients value his pragmatic, no-nonsense, plain-English approach and collaborative approach to negotiating deals that work for all parties.

https://privacyrules.com/wp-content/uploads/2024/10/Website-pic-2024-10-06T225316.912.png

Director for Information Security and Technology at CSS Assure (UK)Charlotte Riley

Charlotte Riley is a skilled Security Leader with 15 years of IT and Information Security experience and proven expertise in security architecture, consulting, and design. Having supported the MOD, MOJ, UK Government, NATO, and leading Fortune 200 organisations in a broad range of complex security programs. Charlotte is an accomplished, focused professional with a rich background and skillset.

https://privacyrules.com/wp-content/uploads/2023/09/Website-pic-72.png

Partner at Tanner de Witt (Hong Kong)Padraig Walsh

Pádraig Walsh is a partner working in the Corporate Commercial group of the independent Hong Kong law firm, Tanner De Witt. The firm joined PrivacyRules because it is a unique alliance of experts across all disciplines relevant to privacy and data protection. This provides Pádraig and his firm with immense support in providing global solutions to clients that need help in relation to privacy and data protection. I am honoured to act as its Chairperson, Pádraig tells us, and we are delighted for the energy and professionalism he puts in his endeavour.

https://privacyrules.com/wp-content/uploads/2022/01/Website-pic-23.png

Director of Strategic Communication at FTI Consulting (Australia)India Bednall

https://privacyrules.com/wp-content/uploads/2023/12/Website-pic-85.png

Partner at Knyrym Trieb Attorneys at Law (Austria)Geral Trieb

Knyrim Trieb Attorneys at Law, co-founded by Dr. Rainer Knyrim and Dr. Gerald Trieb, LL.M., is a distinguished legal firm renowned for its exceptional work and expertise across all aspects of data protection, privacy, and IT law. The firm is committed to providing comprehensive guidance, extending beyond GDPR compliance. Their services encompass establishing and maintaining GDPR compliance through various means, such as deploying an online-privacy tech-platform for security incident qualification, conducting risk analysis, data protection impact assessments, and maintaining the register of processing activities.

https://privacyrules.com/wp-content/uploads/2023/03/Website-pic-17.png

Parnter at RocaJunyent (Spain)Beatriz Rodriguez Gomez

Certified Data Protection Officer and privacy specialist by ISMS and Aenor, Beatriz is also a legal expert in blockchain, information security, cybersecurity by ISMS, AI, digital marketing, e-commerce and Scrum.

Her experience includes advising national and international companies in the development of strategies for prevention, reaction and repair in terms of compliance associated with technological processes, and contracting technological services, among others. In addition, Beatriz is an expert in advising on digital transformation and knowledge management projects in the areas of privacy, cybersecurity and technology adoption.

https://privacyrules.com/wp-content/uploads/2021/11/16.png

Partner at TozziniFreire Advogados (Brazil)Luiza Sato

Luiza Sato is a partner at TozziniFreire Advogados in São Paulo where she focuses her practice on adaptation projects to the Brazilian General Data Protection Law (LGPD) and specialized consultancy regarding the new law, analysis of data protection and audit procedures, as well as issuance of legal opinions on digital law and intellectual property matters. Her experience encompasses assistance to local and foreign companies in the protection of intellectual property rights, registration of industrial property agreements with government agencies, adoption of administrative measures for the protection of industrial property, legislation concerning intangible assets and confidentiality, information technology and data protection.

https://privacyrules.com/wp-content/uploads/2021/11/24.png

Partner at Kochhar & Co. (India)Stephen Mathias

Stephen Mathias is the head of the Bangalore office of the Firm and co-chair of the Firm’s Technology Law Practice.

Stephen is a graduate of the prestigious National Law School of India University where he did an Honours degree in Arts and Law.  He is also a British Chevening Scholar and has done a diploma in European and English Law at the College of Law York and worked briefly at a leading law firm in London.  He is also a solicitor on the rolls of the Law Society of England and Wales.

Stephen began his career working in the Tax and Regulatory Division of multinational accounting firm Arthur Andersen, doing mergers and acquisitions, foreign investments, joint ventures, securities law and strategic investment work.

https://privacyrules.com/wp-content/uploads/2026/01/Carla-Guillemot-PR.png

Senior Legal Counsel, DPO, at Ubisoft (France)Carla Guillemot

https://privacyrules.com/wp-content/uploads/2026/01/Website-pic-2026-01-18T194945.113.png

Attorney at Timelex (Belgium)Anushka Sachdev

Anushka Sachdev specialises in technology, privacy and data protection, and intellectual property law. She advises clients on global data protection compliance, with particular focus on EU GDPR and Indian data protection laws. She drafts data processing, data sharing, licensing and material transfer agreements, and advises clients on data protection, data governance, artificial intelligence (AI) and other technology laws. She also provides guidance on international transfers of personal data, drafts terms of use for platforms and privacy and cookie policies. She  also conducts data protection impact assessments (DPIAs) and international data transfer impact assessments (DTIAs). 

https://privacyrules.com/wp-content/uploads/2022/01/Website-pic-23.png

Corporate Governance Coordinator at Grupo Fleury (Brazil)Sara Cepillo

Results-oriented leader with a deep understanding of Brazilian healthcare regulations. Skilled in navigating complex legal landscapes, mitigating risks, and driving operational excellence. Passionate about leveraging legal expertise to foster innovation and ensure ethical business practices.

Experienced in leading cross-functional teams to achieve strategic objectives and build strong relationships with stakeholders.

Core competencies include:

  • Corporate Governance
  • Data Privacy and Protection
  • Integrity and Risk Management
  • Contract Negotiation
  • Regulatory Compliance
https://privacyrules.com/wp-content/uploads/2022/01/Maria-de-la-guardia.png

Partner at ICAZA Law (Panama)Mariela de la Guardia

Mariela is a lawyer specializing in Corporatel Law, Intellectual Property, Data Protection, among others. She has assisted multiple foreign and local companies in their assessment on Data protection in Panama, from regulated companies to entrepreneurs. She represents Icaza in Privacy Rules and INTA´s Data Protection Committee. She is part of the Board of Directors of Verdes & Co., a company dedicated to the development of hydroponic crops and is secretary and Director of Icaza Trust Corporation and IGRA Foundation. She is a member of AmCham Panama, the Panamanian Association of Intellectual Property (APADEPI), the International Trademark Association (INTA), the Directors Association of Panama (ADP), the National Bar Association, CICYP.

https://privacyrules.com/wp-content/uploads/2022/01/Website-pic-12.png

Managing Partner at Cavendrys (Kenya)Janet Othero

Janet Othero continuously advises clients on the legal implications arising from cybersecurity incidents to cyber resilience and how to handle the interrelated impact of such incidents. She has also gained expertise in Fintech, Regtech, payment systems and data privacy governance. She has been providing her expertise to financial services institutions, start-ups, technology manufacturers and service providers as well as government institutions for over seven years. She has definitely earned her spot in the Legal 500, 2018 and 2019 rankings as a Next Generation Lawyer in Banking, Finance and Capital Markets.

https://privacyrules.com/wp-content/uploads/2026/01/Website-pic-2026-01-18T195703.297.png

Information Security, Data Privacy and AI Governance Consultant (Saudi Arabia/Middle East)Muneeb Imran Shaikh

Based in Middle East region, he has worked with different clients from financial, governmental and telecommunication sector to help them in developing and implementing Cybersecurity and Privacy program in accordance with their regulatory, legal and compliance requirements.

He has contributed with his knowledge and expertise through various writings, podcasts, policy reviews, conference appearances.

https://privacyrules.com/wp-content/uploads/2026/01/Website-pic-2026-01-18T200029.742.png

Lawyer at FBT Gibbons (USA)Katelyn E. Moody

Katelyn is an Associate in the Data, Digital Assets & Technology Practice Group. Katelyn’s practice focuses on aiding companies in the digital asset, fintech, and payments spaces.

She has substantial experience in drafting technology-related commercial agreements, including software development, licensing, and subscription agreements, service-based software solution agreements (i.e., SaaS agreements), service level agreements, and agreements for digital token and cryptocurrency companies.

https://privacyrules.com/wp-content/uploads/2024/04/Website-pic-5.png

Partner at VJT Partners (Hungary)Endre Varady

Endre Várady is a partner and leads VJT & Partners’ data protection & privacy practice. He has substantial international experience in data protection, digital transformation and other information technology matters. Endre is active in localization of cross-border digital products.  He is responsible for managing virtually all data protection matters at an operative level.

He is the head of the VJT & Partners award-winning data protection team and the main developer of the legal content of the Adatsólyom, GDPR compliance software. His experience also includes drafting and negotiating cloud computing-based deals for both customers and suppliers in a range of industries, including IT and insurance.

https://privacyrules.com/wp-content/uploads/2024/11/Website-pic-11.png

Partner at McMillan (Canada)Kristen Pennington

Kristen Pennington maintains a dynamic practice in privacy and data protection law. She assists emerging and established companies across a range of industries, providing insights into Canada’s distinct laws in these disciplines to support businesses entering or investing in the Canadian market. She also regularly collaborates with international counsel to advise on the Canadian privacy law considerations of multijurisdictional projects.

Secure your spot today!

oin us online on 28 January 2026 for this multi-session live event, structured in two complementary parts:

Part 1 – Cybersecurity & Data Protection Essentials for 2026
Sessions focusing on data breaches and class actions, breach response strategies, and the GDPR Digital Omnibus.

Part 2 – AI in Sector-Specific Scenarios
Sessions examining the use of AI in children’s data, healthcare, fintech, and recruitment across jurisdictions.

Whether you’re advising clients, leading compliance or security programs, managing AI governance, or developing digital products, this event offers the insights you need to navigate the evolving intersection of data protection, cybersecurity, and AI regulation in a global context.

Details of the event

Date : 28 January 2026

Time (CET) : 8:30am – 17:05pm 

Online event

Register here
bt_bb_section_top_section_coverage_image
top wave
https://privacyrules.com/wp-content/uploads/2021/01/logo-1.png

American Headquarters:
PrivacyRules Ltd.
201 East Fifth Street
Suite 1900 – #1362
Cincinnati, OH 45202, USA

European Office:
Via dei Della Robbia 112
50132, Firenze
Italy (IT)

Company

Contact us

+1.513.8132145
info@privacyrules.com

Expertise

Connect

Newsletter

Subscribe

Click here to unsubscribe