IAPP Europe Data Protection Congress 2025

Bojana Bellamy is the president of Hunton Andrews Kurth LLP’s Centre for Information Policy Leadership, a preeminent global privacy and data policy think tank located in Washington, D.C., London and Brussels. At CIPL, Bellamy works with global business and technology leaders, regulators, and policy and lawmakers to shape global data policy and practice, as well as develop thought leadership and best practices for responsible and trusted use of data in the fourth Industrial Revolution. With more than 25 years of experience and deep knowledge of global data privacy and cybersecurity law, compliance and policy, she has a proven industry record in designing strategy, and building and managing data privacy compliance programs. Bellamy was the recipient of the 2019 IAPP Vanguard Award, which honors privacy professionals for outstanding leadership, knowledge and creativity in the fields of privacy and data protection. In 2021 Politico acknowledged Bellamy in its inaugural list of top Tech28 people shaping digital policy and technology in Europe and beyond. She was also one of 20 privacy experts to participate in the transatlantic “Privacy Bridge Project” from 2014-2015 that sought to develop practical solutions to bridge the gap between European and U.S. privacy regimes.

Currently, she sits on a number of advisory and industry boards, including the Mercedes-Benz Advisory Board for Integrity and Sustainability, the Internet Commission Advisory Board, the OECD’s Privacy Guidelines Expert Group and the Thomson Reuters’ Practical Law Data Protection Consultation Board, as well as the Advisory Board of the Tech, Law and Security Program at the American University Washington College of Law. She also was selected as a member of the Global Privacy Assembly Reference Panel. Bellamy participates in many industry groups and is a regular speaker at corporate and governmental events and conferences.

Prior to joining CIPL, she served for 12 years as the global director of data privacy at Accenture, and worked for eight years as principal consultant with privacy laws and business consulting and auditing projects for private and public sector clients in the U.K. and abroad.

Cristina Caffarra is an antitrust expert economist who was head of European competition at Charles River Associates for over 20 years — leading large teams and giving expert testimony in Europe and across the world on some of the most high-profile cases of the past two decades. Moving on from consulting, she co-founded the Competition Research Policy Network at the Centre for Economic Policy Research, where she curates and hosts multiple policy discussions. She has been a vocal contributor — speaking and writing extensively — to the global debate on antitrust and regulation of digital markets. She has shaped the European conversation around the role of antitrust as a tool of broader economic policy by advocating for the integration of antitrust and data protection, and encouraging new thinking around how antitrust can contribute to equitable economic growth. She hosts and curates a celebrated annual conference in Brussels on antitrust and the political economy. She is now the lead of the EuroStack Industry Initiative in Europe. She is an honorary professor at UCL in London.

Theodore Christakis is professor of international, European and digital law at University Grenoble Alpes, director of the centre for international security and European law, director of research for Europe with the Cross-Border Data Forum, member of the board of directors of the Future of Privacy Forum, and a former distinguished visiting fellow at the New York University Cybersecurity Centre. He is chair on the legal and regulatory implications of artificial intelligence with the Multidisciplinary Institute on AI. As an international expert he has advised governments, international institutions and private companies on issues concerning international and European law, cybersecurity, artificial intelligence and data protection law. He served as a member of the French National Digital Council and as an expert for the OECD in the process which led to the adoption, in December 2022, of the OECD Declaration on Government Access to Personal Data Held by Private Sector Entities.

He also served as a member of the French National Committee on Digital Ethics as well as a member of the International Data Transfers Experts Council of the U.K. Government and as an expert for the High-Level Expert Group on Access to Data for Effective Law Enforcement, created by the European Commission and the Council of the European Union. He also has experience working as external Data Protection Officer in GDPR compliance.

With 30 years of experience in European politics, including 20 years as an MEP, Sophie in ‘t Veld speaks knowledgeably on a broad spectrum of European issues.

In ‘t Veld is a passionate speaker and her fervent plea for a stronger and more democratic Europe is interspersed with countless examples from daily practice. She knows how to explain European politics in simple language for any audience. As a very experienced chair, she knows how to lead debates on the razor’s edge and to deliver concrete conclusions.

In ‘t Veld has a distinct profile as a pioneer for privacy and fundamental rights in the digital age, and as a champion of the democratic rule of law. In ‘t Veld can also always be found on the barricades for LGBT rights and women’s rights. As the European Parliament’s co-negotiator for asylum and migration policy, she managed to secure a number of important guarantees for humane policies despite the hostile political climate. She steered legislation on numerous other issues through Parliament, for instance on pensions, golden passports, state aid, or on the Russia sanctions regime.

Her vision on broader political issues such as EU enlargement, Brexit, institutional and political development of the Union, Europe’s geopolitical role, and security, is grounded in deep knowledge of the EU as well as the national politics of the EU member states. She set out her ideas in, among others, “A European ID” on European identity, and “The Scent of Wild Animals,” and “Naked Power” on the European Parliament as a counter-power in European democracy.

In the European Parliament, In ‘t Veld held several leading positions, including deputy leader of the European Liberal Group, chair of the Rule of Law Monitoring group of the European Parliament, and first vice chair of the Parliamentary Committee on Civil Liberties, Justice and Home Affairs.

Her work earned her recognition, including the titles Liberal of the year (JOVD) and Euronederlander of the Year (European Movement), Humanist of the year (International Humanist and Ethical Union) and Secularist of the year (UK National Secular Society). Her work for privacy protection was rewarded with the International Privacy Champion Award (Electronic Privacy Information Centre, Washington) and the Winston Award (Bits of Freedom). She also received the 2018 Circle Pension Award from the Dutch Kring van Pensioenspecialisten.

Joe Jones serves as the director of research and insights for the IAPP. Leading the Research and Insights team, he provides strategic direction and contributes to the development of practical content for privacy professionals on privacy law and policy, data protection management, and privacy technology and engineering. This work includes engaging with privacy leaders from industry, government, academia and civil society as he keeps IAPP members informed on data protection developments around the world.

Previously, Jones served as the deputy director for international data transfers with the U.K. government where he led the team responsible for U.K. government policies relating to free and secure flow of data internationally. This included work on data adequacy partnerships, alternative transfer mechanisms and multilateral initiatives that promote the trusted exchange of data across borders. Other prior roles include serving as the U.K. government’s deputy head of digital trade policy and working in the private sector as a lawyer on international data issues with Covington & Burling LLP.

Jones has been globally acknowledged as a leader in privacy law and policy. In 2022, Politico named him as the fourth most influential “rulemaker” in Europe as well as the Digital policy ‘Wonk of the week’ in September 2021.

He has led dozens of U.K. government diplomatic delegations or missions, holds over 200 public and private speaking credits on data protection and transfers and has contributed frequently to academic and professional publications, including the National Law Review.

He received his BA in Jurisprudence (Law) with honors from the University of Oxford and his Legal Practitioner Course with honors from the University of Law.

Carl Öhman is an assistant professor in political science at Uppsala University, Sweden. He earned his Ph.D. in 2020 from the University of Oxford, under the supervision of Luciano Floridi. His research spans several topics, including the politics and ethics of artificial intelligence, deepfakes and digital remains. It has been covered by media outlets such as The New York Times, The Economist, BBC and TIME Magazine. In 2020, Öhman was named the U.K.’s No. 1 early career researcher in the arts and humanities by Scopus.

Max Schrems is the honorary chairman and founder of noyb, a privacy enforcement platform that brings data protection cases to the courts under the EU General Data Protection Regulation. Schrems first came to notoriety as an Austrian law student who filed a complaint to the Irish Data Commissioner that Facebook Ireland was illegally sharing his personal data with the U.S. government, following the revelations of Edward Snowden. The case, known as "The Schrems case" or "Schrems I," eventually led to the invalidation of the Safe Harbor data-transfer agreement between the EU and U.S. Schrems later amended his complaint against Facebook Ireland with the Irish Data Protection Commission after Facebook switched its transfer mechanism from Safe Harbor to standard contractual clauses, leading to a new referral to the CJEU implicating both standard contractual clauses and the EU-U.S. Privacy Shield Framework. On 16 July 2020, the Court of Justice of the European Union invalidated Privacy Shield and placed additional requirements for companies using standard contractual clauses to third countries outside the EU.

Dale Sunderland was appointed commissioner for data protection in February 2024. Prior to his appointment he held the position of director and deputy commissioner with responsibility for the Data Protection Commission’s supervision, guidance and international affairs functions. Sunderland joined the DPC as deputy commissioner in May 2016, having previously worked at Ireland’s Department of Justice from 2002 to 2016. During his time at the Department Justice, Dale was head communications and corporate secretariat, and held various other positions working on Irish-British immigration cooperation, EU criminal justice and policing policy, corporate governance oversight, and international, parliamentary and media affairs.

Anu Talus has served as the Finnish information commissioner since autumn 2020. She is the head of the Office of the Information Commissioner and the chair of the European Data Protection Board.

Prior to her work at the IMY, Talus served as senior adviser at the Ministry of Justice for over ten years. At the Ministry of Justice she led the implementation of the GDPR in Finland and acted as representative of the Finnish government in the EU GDPR negotiations. Talus has also worked at the European Commission as seconded national expert.

Talus holds a Doctor of Laws degree and a Master of Laws degree from the University of Helsinki and a Master of Arts degree from the University of Vaasa.

Global Co-head of the Hogan Lovells Privacy and Cybersecurity Practice Eduardo Ustaran is widely respected as one of the world's leading privacy and data protection lawyers and thought leaders. With three decades of experience, Ustaran advises multinationals and governments around the world on the adoption of privacy and cybersecurity strategies and policies. He has been involved in the development of the EU data protection framework and was listed by Politico as the most prepared individual in its “GDPR power matrix.”

Based in London, Ustaran leads an expert team advising on all aspects of data protection law — from strategic issues related to the latest technological developments such as artificial intelligence and connected devices to the implementation of global privacy compliance programs and mechanisms to permit international data flows.

He is the author of “The Future of Privacy,” a ground-breaking book where he anticipates the key elements that institutions and privacy professionals will need to tackle to comply with the regulatory framework of the future.

Ustaran is co-founder and editor of Data Protection Leader, a member of the panel of experts of DataGuidance, and a former member of the Board of Directors of the IAPP. He is executive editor of “European Data Protection Law and Practice,” and co-author of “Data Protection: A Practical Guide to UK and EU Law,” “Beyond Data Protection,” “E-Privacy and Online Data Protection” and of “The Law Society’s Data Protection Handbook.” He has lectured at the University of Cambridge on data protection as part of its Masters of Bioscience Enterprise and regularly speaks at international conferences.

Wojciech Wiewiórowski is the European data protection supervisor.

He was appointed by a joint decision of the European Parliament and the Council on 5 Dec. 2019 for a term of five years.

Before his appointment, he served as assistant European data protection supervisor from 2014 to 2019 and as inspector general for the protection of personal data at the Polish Data Protection Authority, a position which he had held since 2010. He was also vice chair of the Working Party Article 29 Group.