Save the Date!

IAPP Data Protection France: 2020

12-13 February
The Westin Paris - Vendôme, Paris

Want to Know More? Let Us Keep You Up to Date:

2019 Sold Out Conference Tackles Privacy Challenges

The IAPP’s inaugural bi-lingual DPI: France conference played host to more than 340 delegates from over 30 countries, including Turkey, Benin, Mali, Algeria, Morocco, Qatar and Brazil to name a few. So, while the event was held in Paris, it truly was reflective of the international reach and global mission of the IAPP.

Sessions on DPIAs and vendor management were two popular topics under discussion, along with newly-formatted “micro-talk” sessions delivered by established DPOs and privacy leaders. First launched at IAPP’s Deutschland event, these 15-minute testimonials provided candid accounts of the daily struggle for professional acknowledgment of the DPO function and their journeys, and very much resonated with those in attendance.

It was the respective “Regulators’ View” panels however, that delivered the most newsworthy mentions. Jean Lessi, secretary-general of the CNIL; Joëlle Jouret, legal adviser and DPO of the EDPB; Cathal Ryan, assistant commissioner at the Irish Data Protection Commissioner; and Michael Kaiser, head of department for banking at the Hessian Data Protection Commissioner provided important regulatory insights into an ever-changing landscape.

The key takeaway from the session was that the General Data Protection Regulation has created massive shifts in how data protection authorities in the EU must budget, staff, prioritize and operate.

Besides a plethora of meetings and EDPB collaborations, regulators have been inundated with complaints and breach notifications — up 1,200 percent since the GDPR went into effect.

Michael Kaiser, data protection officer at the Hesse Data Protection Authority in Germany, suggested it's like "everyone seems to think that under the GDPR, data processing is no longer lawful."

While it's admirable companies are aiming to be transparent and communicative with regulators, the panel agreed it's resulting in a bottleneck and straining resources globally.

This type of strong content and frank discussion from faculty throughout the conference made for Q&A segments that could have easily gone well past the allotted time for most sessions.

So successful was this first-ever IAPP conference in France, that plans are already being developed for DPI: France 2020. If you can’t wait that long, we encourage you to explore two other upcoming IAPP European conferences:

IAPP Europe Data Protection Intensive: UK 2020 in London on 9-12 March

IAPP Data Protection Intensive: Deutschland 2019 in Munich on 18-19 September (bilingual event)

Access the 2019 Presentations
Main conference presentations are online — access it now. To access a presentation, select the session title to expand the session description. You should find a link to the presentation at the end of the description. Please note that if a presentation is missing, we didn’t receive it or don’t have speaker approval to post it.

Where Did All the Handouts Go?
All sponsor handouts will now be provided in digital format instead of paper. You can access them conveniently before, during or after the conference—at

Hot Topics

Vendors: Contracting, Auditing, and Making Do

Vendors represent one of the greatest data protection risks for virtually every organisation. This session looked at what reality has produced, how to triage vendor risk, and good approaches for managing processors.

Tackling the DPIA: Formats and Foibles

This session will look at methodologies for performing DPIAs correctly, talk about interactions with regulators when they become necessary, and provide concrete tools for making your process more efficient.

15-Minute Talks by DPOs for DPOs

In this fast-paced, 90-minute session, we heard from six DPOs about their experience in the first months of GDPR. This provided fun, lively discussion of the DPO position, including their greatest barriers and successes.

Continuing Education

Mandatory Continuing Legal Education

We do not apply for MCLE credits for our international events, but you can use the Certificate of Attendance that will be emailed to you after the event to self-report to your state of licensure.

IAPP Continuing Privacy Education

If you’re looking for continuing privacy education (CPE) credits, this conference qualifies.

To Get Credit:
You don’t need to do anything. Credits will automatically be applied to each designation you hold (if you hold multiple designations, credits will be applied to all). To earn CPE credits for IAPP privacy training at this event, you must either already be certified during the event or pass the exam via CBT within two weeks of the end of the conference. If your credits don’t appear on your CPE Summary within 30 days after the event, please contact us at

IAPP networking activities don’t count for CPEs.

Scenes from the DPI: France Conference: Speakers, Sessions, Networking and More

Other Conferences

Training 16-17 September
Conference 18-19 September

Join data protection professionals from across Europe for two days of concentrated learning, sharing, and networking at the IAPP Data Protection Intensive: Deutschland 2019 in Munich.

Training September 22-23
Workshops September 23
Conference September 24-25
Las Vegas, NV

P.S.R. is a one-of-a-kind conference that brings together the best of the best in privacy and security, with innovative cross-education and stellar networking. P.S.R. provides technical solutions to privacy concerns and helps you to see beyond your role so you can excel in your role.

29 – 30 October

Delivering world-class discussion and education on the top privacy issues in Australia, New Zealand and around the globe. Summit is your opportunity to network, get insights from, and exchange operational best practices with other ANZ privacy leaders.