Save the date

The third installment of the largest data protection conference in the Nordics will be held at Münchenbryggeriet, Stockholm, 12-13 November 2018. Confirmed speakers:

Raegan MacDonald, head of EU public policy, Mozilla
Jeanette Gustafsdotter, CEO Tidningsutgivarna
Eva Jarbekk, partner at Schjødt
Robert Bond, partner at Bristows
Michelle Dennedy, CPO Cisco

Feel free to email us session and speaker pitches to You can also send us an email if you want us to send you a reminder when tickets go on sale in May.

Highlights from Nordic Privacy Arena 2017

Nordic Privacy Arena 2017 was a massive success with around 50 speakers and nearly 300 visitors. A big thank you to everyone who made this possible from us at DP Forum. See the photos here, and a few select keynotes and panel discussions here:

Finn Myrstad, Forbrukerrådet, on connected toys, smartwatches, dating apps and privacy.

Panel discussion on AI, transparency and privacy with Per Meyerdierks (Google), Mikael Haglund (IBM), Rebecka Cedering Ångström (Ericsson) and Stanley Greenstein (Stockholm University).

Data protection authorities – resources, approaches and harmonization, panel discussion with Kari Laumann (Datatilsynet), Paul Breitbarth (Nymity) and Hans-Olof Lindblom (Datainspektionen).

Full program for Nordic Privacy Arena 2017 – Emerging Technologies and Data Protection below.

Nordic Privacy Arena 2017 - full program

Join us for two full days as some of the world’s leading experts in their respective fields explore the privacy aspects of today’s biggest tech trends. We’ll discuss artificial intelligence, Internet of Things, big data policing, smart cities, cybersecurity strategies, consumer expectations and challenges for legislators, law enforcement agencies and data protection authorities. Startups and large multinational companies from sectors such as finance, healthcare, media and consumer electronics will join in for panel discussions about privacy and transparency and let us know how they’ve gone about their GDPR preparations.

Two-day event

Day one will consist of keynotes and panel discussions followed by a dinner with a special guest speaker, day two of hands-on training for data protection specialists and a parallel track focusing on data protection authorities.

Speakers include Joe Cannataci (United Nations Special Rapporteur on the right to privacy), Gemma G. Clavell (Universitat de Barcelona), Marc Rotenberg (EPIC), Leena Kuusniemi (Rovio), Bojana Bellamy (Hunton & Williams), Finn Myrstad (Forbrukerrådet), Per Meyerdierks (Google) and Caroline Louveaux (MasterCard).

The conference will be moderated by Jennifer Baker, a Brussels-based journalist specialised in EU policy, tech legislation and data protection.

Keynote speakers

Marc Rotenberg

Professor Marc Rotenberg is a lecturer at Georgetown Law and the President and Executive Director of the Electronic Privacy Information Center (EPIC), an independent public interest research organization that has filed privacy complaints against companies such as Uber and Google and that has worked to obtain information about Russia’s alleged interference in the 2016 Presidential Election.

He testified before the 9-11 Commission on ”Security and Liberty: Protecting Privacy, Preventing Terrorism”, and more recently before the Senaste on the Equifax breach. He co-edited ”Privacy in the Modern Age: The Search for Solutions” and contributes to The Economist, New York Times and USA Today.

Joe Cannataci

Professor Joe Cannataci is the United Nation’s first ever special rapporteur on the right to privacy.  He is the head of the department of Information Policy & Governance at the Faculty of Media & Knowledges Sciences of the University of Malta and an adjunct professor at the Security Research Institute and the School of Computer and Security Science at Edith Cowan University Australia.

Mr Cannataci has written numerous books and articles on data protection, liability for expert systems, legal aspects of medical informatics and self-regulation and the Internet, online dispute resolution and data retention and police data.

Gemma G. Clavell 

Dr. Gemma Galdon Clavell is a policy analyst working on surveillance, the social, legal and ethical impact of technology, smart cities, privacy, security policy, resilience and policing. She is a founding partner at Eticas Research & Consulting and a researcher at the Universitat de Barcelona’s Sociology Department. She completed her PhD on surveillance, security and urban policy in early 2012.

Finn Myrstad

Finn Lützow-Holm Myrstad is the Head of the Digital Services Section at the Norwegian Consumer Council (NCC), focusing on national and international issues related to net neutrality, data protection, copyright, telecommunication and more. He has led the research and advocacy work relating to consumer rights and privacy in digital services, and has lodged several successful complaints against Apple iCloud, Tinder and Runkeeper.

Most recent was a study on connected toys, leading to coordinated actions by more than 20 organisations in 16 countries. Finn is also the EU co-chair of the Transatlantic Consumer Dialogue (TACD) Information Society Committee, a network of over 75 leading organisations representing the consumer interest on both sides of the Atlantic.

Caroline Louveaux

Caroline Louveaux is Senior Managing Counsel at MasterCard. She is responsible for MasterCard’s Regional Privacy and Data Protection Programs in Europe, in Asia-Pacific, Middle East and Africa as well as in Latin and Central America. She has worked at the CRID, a well-known research center for computer and law in Belgium, where she performed legal research in the area of new technologies.

Caroline is a member of the Advisory Board and a lecturer for the new “Certified DPO education” programme at Solvay Brussels School of Economics and Management as well as a lecturer at Brussels Privacy HUB Summer School, and at the CRIDS DataSafe “DPO certification” program.

Dinner speakers: 

Anna Maria Corazza Bildt

Corazza Bildt (The Swedish Moderate Party) has been a member of the European Parliament since 2009. She is the first vice-chair of the Internal Market and Consumer Protection Committee (IMCO) and a member of the Home Affairs and Migration Committee (LIBE), the European Parliament Intergroup on LGBT Rights and the Committee on Women’s Rights and Gender Equality. She is also a business entrepreneur.

Donnie Lygonis

Donnie SC Lygonis is Technology Transfer Manager at KTH Royal Institute of Technology in Stockholm. His career started with 8 years in the Royal Engineers of the Swedish Armed Forces, after which he left to start his own first company. Today he is a well-known name in the Swedish startup scene, having started a multitude of companies. He is the founder of Entrepreneurs Without Borders and has given several TEDx talks.

Mr Lygonis also spent 10 months in Silicon Valley as part of a Vinnova / Wallenberg Fellowship program. Lygonis will touch on how business areas in general are being disrupted today, Legaltech being one of the new areas that is seeing a lot of new startups wanting to change the landscape.

Other speakers and panelists

Agnes Hammarstrand, Partner Delphi Gothenburg
Björn Johansson Heigis, Partner Roschier
Bojana Bellamy, President of Hunton & Williams LLP’s Centre for Information Policy Leadership, CIPL
Caroline Olstedt Carlström, Partner Lindahl, External Data Protection Officer, Klarna, and chair, Forum för dataskydd
Christoffer Callender, SE Manager McAfee
Cecilia Magnusson Sjöberg, Professor, Stockholm University
David Frydlinger, Partner and head of ICT, Lindahl
Erica Wiking Häger, Partner and Head of Corporate Sustainability and Risk Management, Mannheimer Swartling
Erik Janzon, Head of unit at the Swedish Social Insurance Inspectorate & secretary of the recently completed Swedish Parliamentary Privacy Committee
Erik O Wennerström, Director-General, National Council for Crime Prevention
Filip Johnssén, Senior Legal Counsel, Global Privacy Office, Klarna Bank AB
Friederike van der Jagt, PrivacyPerfect
Gonca G.Dhont, CEO DPO Network Europe
Hans-Olof Lindblom, Chief Legal Adviser at the Swedish Data Protection Authority
Ian Evans, managing director for EMEA at OneTrust
Kari Laumann, Senior Advisor, The Norwegian Data Protection Authority
Karl-Fredrik Björklund, Partner Carler and Vice Chairman of the Data Protection Forum
Lars Frösslund, Head of Payments Consulting Nordics, Capco
Leena Kuusniemi, Senior Legal Counsel, Rovio Entertainment
Liane Colonna, Researcher, Stockholm University
Lorena Marciano, Data Protection & Privacy Officer, Cisco
Marc Adams, Director Enterprise Solutions, TrustArc
Maria Holmström Mellberg, Group GDPR and Privacy lead Nordea
Marios Kimonos, Privacy Program Manager and leader of the global privacy program at Sony Mobile
Max Andersson (Member of the European Parliament for the Green Party)
Mårten Schultz, Professor, Stockholm University
Paul Breitbarth, Senior Solutions Advisor, Nymity
Per Meyerdierks, Legal Counsel Google Germany
Peter Wright, Founder and Managing Director, DigitallawUK
Rebecka Cedering Ångström, Director, Ericsson Networked Society Lab
Stanley Greenstein, Researcher at Stockholm University
Thyronne Winter, Global Privacy Officer, CornerstoneOnDemand
Viljar Peep, Director General, Estonian Data Protection Inspectorate
Xavier Leclerc, CEO DPMS, President of UDPO and Founding member and Honoured Vice Président of AFCDP


Monday 23/10

09:00-09:10 Welcome
Jennifer Baker and Caroline Olstedt Carlström

09:10-09:40 Privacy, Transparency, and Democracy
Marc Rotenberg, President and Executive Director EPIC

The Electronic Privacy Information Center (EPIC) has filed numerous consumer privacy complaints against companies and authorities since the organization was founded in 1994.

President and Executive Director Marc Rotenberg, a Harvard College, Stanford Law School and Georgetown University alumni, will open the conference with a keynote about recent events in the United States and the importance of data protection for the preservation of democratic institutions. Mr Rotenberg will also discuss various EPIC cases, including FOI cases concerning the Russian interference with the 2016 US Presidential election (EPIC v. FBI, EPIC v. ODNI, EPIC v. IRS), as well as their opposition to the efforts of the Presidential Election Commission to obtain state voter records (EPIC v. Commission).

09:40-10:00 Artificial Intelligence and You
Caroline Louveaux, Senior Managing Counsel, Mastercard

It’s this year’s big buzz word, but what is AI exactly and what are the main privacy issues surrounding the technology?

10:00-10:20 AI according to the Norwegian Data Protection Authority
Kari Laumann, Senior Advisor at the Norwegian Data Protection Authority, gives us a first glimpse of the findings of a recent study on AI and privacy


10:50-11:20 Can we have AI and privacy?
A panel discussion on the risks – and the possibilities – surrounding AI. Jennifer Baker interviews Mikael Haglund (CTO IBM Sweden), Rebecka Cedering Ångström (Director, Ericsson Networked Society Lab), Per Meyerdierks (Legal Counsel Google Germany) and Stanley Greenstein (LLD, researcher and lecturer in law and information technology, Stockholm University).

11:20-11:40 Cayla and other tales from the Internet of Things
Finn Myrstad, Head of the Digital Services Section at the Norwegian Consumer Council (Forbrukerrådet)

A doll that couldn’t keep children’s secrets secret was recently banned in Germany. Certain wireless speakers might cease to function if the user refuses to install software updates. And AI assistants could potentially be used to gather evidence in criminal cases. Finn Myrstad outlines ten concrete points on where the industry could be heading.

11:40-12:10 Transparency in Consumer Services
Lars Frösslund (Head of Payments Consulting, Capco) interviews:

Anna Lefevre Sköldebrand (CEO Swedish Medtech)
Agnes Hammarstrand (Partner Delphi law firm, representing several Swedish retail chains)
Caroline Olstedt Carlström (Partner Lindahl law firm and External Data Protection Officer for Klarna Bank)
Lena Kuusniemi (Senior Legal Counsel, Rovio Entertainment).


13:00-13:55 Privacy regulation in the robot age
Professor Joe Cannataci, special privacy rapporteur for the UN, discusses the challenges technological advancements propose for privacy legislators.

The keynote will be followed by a panel discussion among:

Joe Cannataci (Privacy Rapporteur for the UN)
Marc Rotenberg (Director, EPIC)
Cecilia Magnusson Sjöberg (Professor, Stockholm University)
Max Andersson (Member of the European Parliament for the Green Party).

14:00-14:40 GDPR – Seven months to go
Introduction by Bojana Bellamy, President of Hunton & Williams LLP’s Centre for Information Policy Leadership, CIPL

GDPR preparation cases:

Carl Svensson, Kry
Marios Kimonos, Sony Mobile
Lorena Marciano, Cisco

Conclusions: Paul Breitbarth, Senior Solutions Advisor, Nymity

14:40-15:10 International data transfers under Trump
Peter Wright, Founder and Managing Director, DigitalLawUK

A look at EU-US (and EU-UK) data transfers by the founder of “the only UK law firm to specialize in online, data and cyber law”. Will Privacy Shield see the end of the year? And what will UK’s GDPR equivalent look like?


15:35-16:00 Safe cities
Gemma G. Clavell, Policy Analyst and Researcher at Universitat de Barcelona

New technologies allow authorities and property owners to do far more than just passively gather material recorded by surveillance cameras. “Smart” or “Safe” cities hold the promise of more efficient crime and terrorism prevention, but could also end up becoming dystopian nightmares according to critics.

16:00-16:20 Fighting crime, protecting privacy

Gemma Clavell’s keynote will be followed by a panel discussion on surveillance and the right to privacy with:

Mårten Schultz (Professor at Stockholm University and founder of Juridikinstitutet)
Erik Janzon (head of unit at the Swedish Social Insurance Inspectorate and secretary of the recently completed Swedish Parliamentary Privacy Committee)
Joe Cannataci (Privacy Rapporteur to the UN)
Liane Colonna (Researcher, Stockholm University)

16:30-17:00 Information security and outsourcing in the light of “Transportgate”
Erik O Wennerström, Director-General, National Council for Crime Prevention, and Erica Wiking Häger, head of Corporate Sustainability and Risk Management, Mannheimer Swartling

17:00-17:30 Data protection authorities – resources, approaches and harmonization
A panel discussion with Bojana Bellamy (Hunton & Williams) and Viljar Peep, Hans-Olof Lindblom and Kari Laumann.

17:30 Roundup

18:00 Dinner with special guest speakers
Anna Maria Corazza Bildt and Donnie Lygonis

Tuesday 24/10

08:50-09:10 Codes of conduct
Erik Janzon, Head of unit at the Swedish Social Insurance Inspectorate & secretary of the recently completed Swedish Parliamentary Privacy Committee

09:10-09:30 Accountability and the role of GDPR certifications, codes of conduct and BCR
Bojana Bellamy, President CIPL

09:30-09:50   New security threats and strategies
Christoffer Callender, SE Manager McAfee

Data protection officer training track:

10:00-10:10 Welcome
Karl-Fredrik Björklund, Partner Carler and Vice Chairman at Data Protection Forum and Filip Johnsén, Senior Legal Counsel, Klarna Bank AB and board member of the Data Protection Forum

10:10-10:30 The DPO challenge of conflict of interests – internal and external
Björn Johansson Heigis, Partner and Head of Data Protection and Digitalization, Roschier

10:30-10:50 Future opportunities for privacy professionals
Gonca G.Dhont, CEO DPO Network Europe

11:00-11:20 Data Mapping in GDPR: Lessons Learned Tackling Article 30 in Practice
Ian Evans, managing director for EMEA, OneTrust

11:20-11:40 HR data and the challenges GDPR brings to employment market
Thyronne Winter, Privacy Officer, EMEA Cloud Security på Cornerstone OnDemand.

11:40-12:10 Managing privacy with a privacy program – governance and structure
Paul Breitbarth, Senior Solutions Advisor, Nymity

12:10-13:00 Lunch

13:00-13:20 Liability and limitation of liability in data processor agreements
The risks of GDPR sanctions and damages – David Frydlinger, Partner and head of ICT, Lindahl

13:20-13:50 Crime related data – will the GDPR ease the restrictions?
Johan Sundberg and Johan Thörn, DLA Piper

13:50-:14:20 GDPR as an internal project – this is how we did it
Sveriges Annonsörer brought in DPOrganizer and Advokatfirman Lindahl in the internal project. What was the outcome and are there any lessons to be learned? With Lin Eriksson, Head of Digital Services at Sveriges Annonsörer, Sandra Beyer, Senior Associate Lindahl and Egil Bergenlind, Founder & CEO DPOrganizer.

14:30-14:50 How to conduct a Privacy Impact Assessment
Marc Adams, Director Enterprise Solutions, TrustArc

14:50-15:10 DPO certifications
Xavier Leclerc, CEO, Data Privacy Management System (DPMS)

15:10-15:40 Efficient implementation of data protection requirements
Friederike van der Jagt, PrivacyPerfect

15:40-16:00 Transborder data flows and secrecy
Karl-Fredrik Björklund, Partner Carler and Vice Chairman at Data Protection Forum

16:10 Roundtable discussion  – topic determined by voting
Filip Johnssén, Data Protection Specialist at Klarna and board member Data Protection Forum, and Maria Holmström Mellberg, Group Driver Privacy Nordea

Centre for Information Policy Leadership (CIPL) Roundtable
By invitation only.

Looking Around the Corner: Accountable and Responsible Machine Learning under the GDPR and Beyond

10:10 Session I: Machine Learning and the GDPR
Discussion Leads:

Bojana Bellamy, President, CIPL
Kari Laumann, Senior Advisor, The Norwegian Data Protection Authority
Per Meyerdierks, Senior Privacy Counsel, Google, Inc.
Marie-Charlotte Roques Bonnet, Director of EMEA Privacy Policy, Microsoft

12:10 Lunch Break

13:00 Session II: Organisational Accountability in Emerging Technologies

Discussion Leads:

Bojana Bellamy, President, CIPL
Caroline Louveaux, Senior Managing Counsel, Mastercard
Marie-Charlotte Roques Bonnet, Director of EMEA Privacy Policy, Microsoft
Caroline Olstedt Carlström, Partner, Lindahl Lawfirm and Data Protection Officer, Klarna Bank
Maria Holmström Mellberg, GDPR and Privacy Lead, Nordea Group

15:00 End of Roundtable


General information


Join the discussion at #NPA2017

About us

The Data Protection Forum is a non-profit organisation established in 2012. We regularly arrange seminars and training days. We provide the Swedish DPA with input and give opinions on proposed legislation to the Swedish government. The board consists of ten well-reputed privacy professionals from various industries and public sector bodies.

Questions or suggestions?

Contact us at


DLA Piper
Cornerstone OnDemand

Graphic recording
Frida Panoussis –

Jens Reiterer –


Logga in

Ej medlem? Registrera dig

Bli medlem

Medlemmar går gratis på våra seminarier och till rabatterat pris på Nordic Privacy Arena.

Studentmedlemskap upphör automatiskt efter ett år, därefter behövs ny ansökan. Ange också ert mecenatkortnr i meddelandefältet.

Ordinarie medlemskap: 1445 kr per år exklusive moms
Student: 400 kr per år inklusive moms