In line with an established tradition that the members of VUB-LSTS partake in the Internationales Rechtsinformatik Symposion IRIS, our Brussels Laboratory for Data Protection & Privacy Impact Assessments (d.pia.lab) will organise – at the upcoming, 21st edition of the IRIS conference – a panel dedicated to the automation of privacy- and data protection impact assessments. The panel will take place on Friday, 23 February 2018 from 16:00 till 17:30 in Salzburg, Austria and will be held in English.

robot! by iwouldificould via CC BY-NC-ND 2.0

robot! by iwouldificould

It is well known that the new legal framework for personal data protection in the European Union, applicable from May 2018, brings to the fore a plethora of novel solutions aiming, inter alia, at better safeguarding the interests of individuals whenever their personal data are being handled. One of these novelties is an obligation imposed on data controllers to conduct a data protection impact assessment (DPIA) for those processing operations that could present a “high risk” to the “rights and freedoms of natural persons”. Despite these novelties still posing questions as to their practical application, they already have caused development of dedicated guidance material, templates, tools, etc. – all aimed at making possible and facilitating their usage, including the conduct of a DPIA.

Amongst these, in particular, we have recently observed a proliferation of automated tools for conducting a DPIA. Various software developers have already offered to diverse clients varied pieces of software that – upon being fed with some descriptions, etc. – would help making an analysis of the intended processing operations and often recommend measures to lower the level of risk to the individuals, maximize benefits or even – if possible – to eliminate negative consequences entirely. These tools merit academic attention not only because of their novel character, uncharted potential or vulnerabilities, doubts about their quality and effectiveness, but – more importantly – because their usage has ramifications for the level of protection of individual interests. Thus there is a need to evaluate the extent to which these tools can contribute, if ever, to offering such a protection.

To that end, we want to explore some of the existing software for conducting DPIAs and – more broadly – privacy impact assessments (PIAs). In preparation for this panel, we have invited a number of software developers to make their tools available to us in advance, for analysis and testing. Having done so, we come to this interactive panel with observations, questions, and comments, which we will deliver and discuss right after these invited developers have presented their tools. A discussion with the public will follow.

The following software developers have kindly accepted our invitation: Georg Philip Krog (Signatu, NO), Michele Marrali (Studio Storti, IT), Erwin Rigter (Privacy Company, NL) and Robert Sindlinger (OneTrust, DE). The panel will be chaired by d.pia.lab members Dariusz Kloza and István Böröcz as well as Marco Giacalone (VUB-LSTS).

Registration is still available under this link.


Screen Shot 2018-02-03 at 20.35.24 The Law, Science, Technology and Society (LSTS) Research Group of the Vrije Universiteit Brussel (VUB) celebrates in 2018 its 15 years of existence. To mark the occasion, we invite all our friends to join us at a special LSTS-café on Tuesday 27th February 2018 at La Tricoterie, from 8:30 pm to 2:00 am, with music selection by DJ Soeur Veillance and DJ Götz Von Berlichingen. The bar will sell drinks. Please find the invitation  here.

Risk par Bruce Guenter (2011, CC BY 2.0) avons le plaisir de vous inviter à la journée d’étude « Vie privée, données personnelles et risques. Quels paramètres pour leur cohabitation à venir ? » qui se tiendra le 8 décembre 2017 à Paris.

Avec l’entrée en vigueur du Règlement Général sur la Protection des Données Personnelles (RGPD) le 28 mai 2018, l’Europe écrira une nouvelle page dans l’évolution rapide du numérique.

Il s’agit d’un mouvement à double tranchant : d’un côté les données personnelles sont de plus en plus souvent mises au service d’un prédictibilité calculée, supposée ou réelle, d’un avenir imprévisible et dont l’incertitudes s’impose de manière croissante ; de l’autre côté de nouvelles formes de gestion de risque sont en train de se développer au service des entreprises soucieuses des risques juridiques et commerciaux générés par le RGPD.

Read More


pic by Myxi (CC BY-NC-ND 2.0)

How to find cool online games that respect your digital rights? Where to look for them? How to recognise them? Which are the best ones? And how do you make sure nobody is stealing your data while you are at it? ‘How to Find (Decent) Privacy-Friendly Games Online? Strategies for Cool Families’ is A Privacy & Cake ‘Bring Your Own Device & Child’ Workshop that will unlock all these questions, hoping somebody will kindly help us to answer them.  It will take place on Saturday 7 October 2017 from 14:15–15:30, in a session promoted by LSTS and Privacy Salon the context of Freedom Not Fear event, and will be animated by Gloria González Fuster and Rosamunde Van Brakel. Please note that this workshop welcomes children who love to play, parents who love their children and their privacy, volunteers bringing cake, family and friends in general and especially suggestions for games, tools and ideas on how to find the best privacy-friendly games on line.


pic by dean hochman (@flickr)

In the context of the upcoming PRINTEGER European Conference on Research Integrity: Why Research Integrity Matters to You has been opened a call for papers on the themes of research integrity and scientific misconduct. The Conference, organised by the Promoting Integrity as an Integral Dimension of Excellence in Research (PRINTEGER) project, will take place between the 5th and 7th February 2018 in Bonn. The deadline for submissions has been extended, and is now 15 October 2017. All useful details can be found here.



pic by ggf

The Call for Papers for the Computers, Privacy and Data Protection (CPDP) 2018 Conference, ‘The Internet of Bodies‘, is open until 29th September 2017. The Call is addressed to all researchers who wish to present their papers at CPDP, and is split into two different tracks: one for experienced researchers, and one for PhD students and other junior researchers. Please find all useful information here. Please also note that there is a different call with the same deadline for submission, for the PLSC-Europe 2018 event, organised in conjunction with CPDP: more info on that can be found here.


pic by blowing puffer fish (@flickr)

On Monday 11th September 2017 Mathias Vermeulen will publicly defend at the Vrije Universiteit Brussel (VUB) his PhD thesis ‘Public Privacy: A European Fundamental Rights Analysis Of The Right To Private Life In An Age Of Smartphones, Drones And Social Media. The defense will take place at 16:00 in auditorium D0.08. Please find the official invitation here.