Eduardo Ustaran, CIPP/E

Headshot

Hogan Lovells

Partner

Global co-head of the Hogan Lovells Privacy and Cybersecurity practice Eduardo Ustaran is widely recognized as one of the world's leading privacy and data protection lawyers and thought leaders. With three decades of experience, Eduardo advises multinationals and governments around the world on the adoption of privacy and cybersecurity strategies and policies. Eduardo has been involved in the development of the EU data protection framework and was listed by Politico as the most prepared individual in its 'GDPR power matrix'.

Based in London, Eduardo leads a highly specialized team advising on all aspects of data protection law – from strategic issues related to the latest technological developments such as artificial intelligence and connected devices to the implementation of global privacy compliance programs and mechanisms to legitimize international data flows.

Eduardo is the author of The Future of Privacy (DataGuidance, 2013), a ground-breaking book where he anticipates the key elements that organizations and privacy professionals will need to tackle to comply with the regulatory framework of the future.

Eduardo is co-founder and editor of Data Protection Leader, a member of the panel of experts of DataGuidance, and a former member of the Board of Directors of the IAPP. Eduardo is executive editor of European Data Protection Law and Practice (IAPP, 2018), and co-author of Data Protection: A Practical Guide to UK and EU Law (OUP, 2018), Beyond Data Protection (Springer, 2013), E-Privacy and Online Data Protection (Tottel Publishing, 2007) and of the Law Society’s Data Protection Handbook (2004). Eduardo has lectured at the University of Cambridge on data protection as part of its Masters of Bioscience Enterprise, and regularly speaks at international conferences.

 

Contributions by Eduardo Ustaran

  • Managing Expectations and Winning Over Skeptics on AI Governance
    Speaker at IAPP Data Protection Intensive: UK 2025
  • Data Flows in an Autocractic World
    Speaker at IAPP Europe Data Protection Congress 2024
  • Top 10 operational impacts of the EU AI Act – Understanding and assessing risk
    Westin Research Center
  • Why and How to Adopt an AI Governance Program
    Speaker at Virtual Bermuda KnowledgeNet: 19 June 2024
  • EU AI Act Comprehensive 1: Context and Key Concepts
    Speaker at AI Governance Global 2024
  • EU AI Act Comprehensive 2: Key Concepts
    Speaker at IAPP Global Privacy Summit 2024
  • The EU-US Transatlantic Data Privacy Framework (TADPF) and its Impact on the UK
    Speaker at IAPP Data Protection Intensive: UK 2024
  • Navigating the Global Maze of Personal Data Transfer Regulations: Tips & Tricks
    Speaker at IAPP Europe Data Protection Congress 2023
  • Member of AI Governance Center Board 2023 - 2025
  • Regulating for AI success
    Privacy Perspectives
  • ‘Schrems II’ & the EU-US DPF: Stakeholders Volley
    Speaker at IAPP Europe Data Protection Congress 2022
  • UK Data Protection Reform — Good or Bad for DPOs?
    Speaker at IAPP Europe Data Protection Congress 2022
  • An Insider’s Update: The UK International Data Transfers Expert Council
    Speaker at IAPP Global Privacy Summit 2022
  • That Privacy Podcast LIVE! Post-Brexit Data Protection Reforms in the UK
    Speaker at IAPP Data Protection Intensive: UK 2022
  • The New Enforcement Battleground: Lawful Grounds for Processing
    Speaker at IAPP Europe Data Protection Congress 2021
  • International Privacy Developments
    Speaker at Virtual Bermuda KnowledgeNet: 30 September 2021
  • New Emerging Laws and Global Business
    Web Conference Speaker
  • Speaker at IAPP Europe Data Protection Congress 2020 - Cancelled
  • Las Transferencias Internacionales de Datos a Debate: Una Visión Desde España, Europa e Iberoamérica
    Speaker at Virtual Madrid KnowledgeNet: 22 October 2020
  • A forgotten right gets into action in UK A-Level controversy
    Privacy Perspectives
  • The Schrems II Aftermath: A Deep Dive into SCCs
    Speaker at IAPP Summit Sessions 2020 Online
  • The Schrems II Decision: The Day After
    Speaker at IAPP Summit Sessions 2020 Online
  • EU Privacy Law, But Not as You Know It
    Speaker at IAPP Summit Sessions 2020 Online
  • Speaker at IAPP Data Protection Intensive: UK 2020 - Cancelled
  • Don’t forget about the GDPR in 2020
    Speaker at Northwest Arkansas KnowledgeNet: January 28, 2020
  • Data Transfer Mechanisms: Where Do We Go From Here?
    Speaker at IAPP Europe Data Protection Congress 2019
  • Cookie Consent: What 'Good' Looks Like
    Speaker at IAPP Europe Data Protection Congress 2019