I had the privilege of attending CPDP.ai 2025 in Brussels, one of Europe’s leading conferences on privacy, fundamental rights and artificial intelligence governance. Over three days, I engaged with key voices from the European Commission, AI Office, AENISA, the European Data Protection Supervisor (EDPS) and privacy and tech professionals across Europe.
The event highlighted the importance of building transparent and rights-respecting AI governance, especially with the rollout of the EU AI Act alongside the well-established GDPR.
🔑 Key Takeaways from CPDP.ai 2025 and the AI Act
- 🧩 AI Act and GDPR must work hand in hand: Coordinating both frameworks is essential for achieving responsible innovation. We need tools that support dual compliance and enable consistent risk governance approaches.
- ⚖️ Fundamental rights risk assessment will be a legal and ethical must: From surveillance to automated decisions, it’s crucial to anticipate impacts on autonomy, fairness, and human dignity.
- 🔎 Effective transparency: explanations must be human-readable: Training data summaries must support accountability while safeguarding trade secrets and privacy.
- 🛠️ GPAI impact assessments aim beyond risk – they focus on benefit: The GPAI Code promotes not only risk mitigation but also the pursuit of ethical and socially beneficial outcomes in AI deployment.
A heartfelt thank you to EDPO for making it possible for me to attend CPDP.ai 2025. Your support made this learning journey possible and helped me take part in shaping Europe’s AI and privacy future.
