APF 2026 Logo

Annual Privacy Forum 2026

9-10 September 2026 | Salzburg, Austria

Call for Papers

Theme: Ten Years of GDPR – Engineering the Future

Ten years after the adoption of the General Data Protection Regulation (GDPR), this EU legal framework together with the technical developments it continues to provoke remains the global point of reference for empowering individuals and ensuring a high-level of protection in terms of privacy.

However, the challenges of the next decade look very different from the last. Rapid advances in artificial intelligence, data-driven business models and governmental practices, and complex digital services are testing the limits of established privacy norms in Europe and beyond.

APF 2026 invites the community to contribute to the understanding of what is at stake, where new threats originate, and how law, technology, and practice can be integrated to address current and imminent challenges.

Submit via EasyChair

Important Dates

  • Submission of full papers: June 1st, 2026 (23:59 AoE)
  • Notification to authors: July 10, 2026
  • Camera-ready copies: July 31, 2026
  • Conference Dates: September 8-9, 2026

Topics of Interest

APF 2026 seeks original contributions from researchers and academia, policy makers and implementers, data protection authorities, industry, consultants, NGOs, as well as civil society. An interdisciplinary approach is highly encouraged.

Submissions should deal with one or more of the following topics:

Law, Policy, and Strategy

  • A Decade of GDPR: Enforcement challenges and future reform
  • Privacy and data protection in the EU Data Strategy (Data Act, DGA, DSA) and the AI Act
  • Data intermediaries and data custodianship
  • Economics of privacy and personal data
  • Data protection policies, certification, and auditing

Engineering and Technology

  • State of the art in privacy and data protection engineering
  • Data Protection by Design and by Default
  • Anonymisation and pseudonymisation techniques
  • Real-world applications of privacy-enhancing technologies (PETs)
  • Privacy in Generative AI, LLMs, and Federated Learning
  • Privacy in 5G+, 6G, and IoT
  • EU Digital Identity Wallets and applications
  • Empirical assessment of privacy technologies and architectures under real-world regulatory constraints

Society, Users, and Ethics

  • Human factors of privacy and security (usability, nudging, dark patterns, etc.)
  • Consent management and data subject rights
  • Transparency, intervenability, and unlinkability
  • Trust management and accountability
  • Data protection for vulnerable groups

Implementation and Case Studies

  • Real-world aspects or case studies of privacy management
  • Privacy risk management and impact assessments (DPIA, FRIA, etc.)
  • Real-world implementation of innovative “by design” technologies
  • Personal data breaches

Paper Categories

Submissions can be made through EasyChair. Full research papers need to be genuine in content and should not overlap with work published elsewhere.

Full Papers

Up to 8,000 words.

Research or Opinion papers. Opinion papers are expected to reflect the views of the author(s).

Student Papers

Up to 4,000 words.

Encouraged for young researchers. Reflects novel thinking that might not have been fully elaborated just yet.

Short Papers

Up to 4,000 words.

Open to anyone who has a sketch of an idea, an opinion, or a call for collaboration.

* Word limits exclude bibliography and well-marked appendices.

Submission & Review Process

Submissions must be drafted in English and comply with the Springer LNCS style guide. Authors are advised to note below the title whether their submission is a research/opinion paper, a student paper, or a short paper.

Note on AI: APF allows the usage of AI-based systems for improving language and grammar issues, but not for content generation. The use of AI tools must be declared explicitly within the submission.

All submissions will be thoroughly reviewed by our PC members. We aim for a minimum of 3 reviews per paper (except in cases of clear desk rejection).

Publication

Proceedings will be published by Springer LNCS.

Further to APF 2026 Springer LNCS proceedings, selected papers will be invited to submit an extended version of the manuscript to a special issue of the Privacy Studies Journal.

Note: An extended version can be published in a journal when it includes at least 30% new material, cites the original publication, and includes an explicit statement about the increment.