Director of the Agency, Zdravko Vukić, Deputy Director Igor Vulje and their associates participated at the 31st Spring Conference, which was held in Budapest from May 10 to 12, 2023 and hosted by the Hungarian Data Protection Authority.
In the welcome speech at the opening of the Conference, Director Zdravko Vukić, as the host of last year’s Spring Conference, pointed out that supervisory authorities across Europe have a common voice and share the same goals and challenges.
“Data protection authorities all over Europe may have many differences, but we all have a collective European voice and we share the same goals and challenges. Our main goal and challenge is to effectively protect data protection rights of European citizens in the age of emerging technologies”, said Director Vukić and added that “the GDPR definitely has still not delivered its full potential, but it remains one of the strongest and most comprehensive laws to regulate the collection and use of personal data by governments and the private sector. Without any doubt, GDPR has immeasurably improved the privacy rights of individuals and has become a compass for countries outside the European Union that want to grant to their citizens a high level of personal data protection.”
The Conference of European supervisory authorities, the so-called Spring Conference, is aimed only at members and observers and consists of 62 national and regional data protection authorities, the European Commission, the European Parliament, the European Union Agency for Fundamental Rights, Europol, Eurojust and the Council of Europe. It is an exceptional opportunity for supervisory authorities to discuss the issues they face, and to exchange best practices, share know-how and gain new knowledge in the field of personal data protection.
The Croatian Personal Data Protection Agency is a full member of the Spring Coference of European Data Protection Authorities since 2008, and in 2022 for the first time organised the Conference in Cavtat (Dubrovnik), Croatia.
Director Zdravko Vukić highlighted that during the conference in Cavtat, the members of Spring Conference adopted a resolution to accelerate the ratification of the Convention 108+.
In their keynote speeches, Isabelle Servoz-Gallucci, Head of the Data Protection Unit of the Council of Europe and Secretary of Convention 108 Committee, Wojciech Wiewiórowski, European Data Protection Suprevisor and Zdravko Vukić stressed that the modernized Convention 108 is an indispensable tool for the protection of people’s privacy and dignity in our modern data-driven world. Andrea Jelinek pointed out the cruicial role that the EDPB plays in the consistent application of data protection rules throughout the European Economic Area, as well as in promoting EU data protection as a global model and in ensuring the effective protection of personal data beyond the EU borders.
The topics of this year’s Conference were the impact of new technologies on privacy and data protection rights, the interaction of competition and data protection laws, best practices in implementing cooperation between data protection authorities, as well as the protection of children’s privacy in the digital environment (side event organized by Italian DPA, Garante Privacy), and the role of the data protection officer within the organisation.
The role of the data protection officer was also discussed at the Privacy Symposium 2023, at the panel “The Future of the Data Protection Officer”, where Director Vukić participated. At that time, he pointed out, inter alia, that understanding of the importance of the role of the data protection officer among controllers, as well as their knowledge to date, is at a low level and that DPOs do not have sufficient independence in their work.
However, the Agency has always supported data protection officers and continuously organises various trainings intended for DPOs and will continue the same through the implementation of the EU funded project ARC II and other activities tailor made to the needs of this target group.
During the panel session dedicated to the relationship between DPOs and DPAs, Iva Katić, member of the ARC II project team, presented the expected results and activities of this valuable project, which Croatian and Italian DPAs, Faculty of Informatics and Organisation from Varaždin, Vrije University Bruxelles and University of Florence implement together with the goal to support micro, small and medium-sized enterprises to comply with the data protection legislation.