Co-located Event


Day 1 - Wednesday, September 4th, 2024

 08:30 – 09:15  Registration - Welcome Coffee
 09:15 – 10:00  Opening Remarks   

Evangelos Ouzounis (ENISA) 

Jerker Moodysson (Karlstad University) 

Simone Fischer-Hübner (Karlstad University) 

TBC (European Commission)
 10:00 - 10:30   Invited Talk
  Jaap-Henk Hoepman (Radboud University)
10:30 - 11:20

Paper Session I:

Consent Management

 PC Chair: TBC

  • Implementing ISO/IEC TS 27560:2023 Consent Records and Receipts for GDPR and DGA (Harshvardhan J. Pandit, Jan Lindquist and Georg Philip Krog)
  • Privacy Promise vs. Tracking Reality in Pay-or-Tracking Walls (Timo Müller-Tribbensee)
11:20 – 11:40 Coffee Break  
11:40 – 12:30 Fireside Chat

Marit Hansen (ULD)

Maria Owczarek (UODO)

12:30 – 13:20

Paper Session II:

Emerging Technologies and Risks


PC Chair: TBC

  • No Transparency for Smart Toys (Julika Feldbusch, Valentyna Pavliv, Nima Akbari and Isabel Wagner)
  • AI Cards: Towards an Applied Framework for Machine-Readable AI and Risk Documentation Inspired by the EU AI Act (Delaram Golpayegani, Isabelle Hupont, Cecilia Panigutti, Harshvardhan J. Pandit, Sven Schade, Declan O'Sullivan and Dave Lewis)
13:20 - 14:30

Lunch Break

14:30 – 15:20

Paper Session III:

Threat Modelling

 PC Chair: TBC

  • Implications of age assurance on privacy and data protection: A systematic threat model (Marta Beltrán and Luis de Salvador)
  • Data Governance and Neutral Data Intermediation: Legal Properties and Potential Semantic Constraints (Emanuela Podda)
15:20 – 15:50

Invited Talk

Beyond Checkbox Compliance: Embracing Privacy Engineering

Kim Wuyts (PWC)
15:50 - 16:10 Coffee Break  
16:10 - 17:10

Panel Session I:

Demonstrating compliance through certification mechanisms

Moderator: TBC


  • TBC
  • TBC
17:10 - 18:00

Paper Session IV:

Deploying the GDPR

 PC Chair: TBC

  • Another Data Dilemma in Smart Cities: the GDPR’s Joint Controllership Tightrope within Public-Private Collaborations (Barbara Lazarotto and Pablo Rodrigo Trigo Kramcsak)
  • The lawfulness of re-identification under data protection law (Teodora Curelariu and Alexandre Lodie)
18:00 – 18:15 Day 1 Wrap Up APF Co-organizers
20:30 Social Event  


Day 2 - Thursday, September 5th, 2024

 08:30 – 09:00  Registration - Welcome Coffee
 09:00 – 09:10 Opening Remarks  APF Co-organizers 
09:10 - 09:50  Keynote Talk 

Wojciech Wiewiórowski (EDPS)

09:50 – 10:40 Invited Talks

Liina Kamm (Cybernetica)

Giuseppe D’Acquisto (Garante)
10:40 - 11:00 Coffee Break  
11:00 - 12:00

Panel Session II:



  • Christoffer Karsberg (MSB/NCC-SE)
  • Simone Fischer-Hübner (CyberCampus/CyberNode Sweden)
  • Caroline Olstedt Carlström (Forum för Dataskydd/Cirio)
  • TBC (IMY)
12:00 - 12:50

Paper Session V:

Data Subject Rights

PC Chair: TBC

  • How to Drill Into Silos: Creating a Free-to-Use Dataset of Data Subject Access Packages (Nicola Leschke, Daniela Pöhn and Frank Pallas)
  • Access Your Data... If You Can: An Analysis of Dark Patterns Against the Right of Access on Popular Websites (Alexander Löbel, René Schäfer, Hanna Püschel, Esra Güney and Ulrike Meyer)
12:50 - 14:00

Lunch Break

14:00 – 14:50

Paper Session VI:

Data Protection by Design

PC Chair: TBC

  • Evaluating Differential Privacy on Correlated Datasets Using Pointwise Maximal Leakage (Sara Saeidian, Tobias Josef Oechtering and Mikael Skoglund)
  • Addressing Privacy Concerns in Joint Communication and Sensing for 6G Networks: Challenges and Prospects (Prajnamaya Dass, Sonika Ujjwal, Jiri Novotny, Yevhen Zolotavkin, Zakaria Laaroussi and Stefan Köpsell)
14:50 - 15:10 Coffee Break  
15:40 - 16:40

Panel Session III:

Challenges in protecting personal data in the artificial intelligence era


Moderator: Prokopios Drogkaris (ENISA)


  • Veselina Tzankova (OLAF)
  • Irene Kamara (Tilburg University)
  • Isabel Barberá (Rhite)
  • Katerina Demetzou (Radboud University)
16:40 – 17:00

Day 2 Wrap Up