This year, for the 20th time, the Croatian Personal Data Protection Agency is marking the European Data Protection Day with a conference entitled “Personal Data Protection in Artificial Intelligence Systems”, which will take place at the National and University Library in Zagreb (CroAtrium entrance), Judita Hall, on Wednesday, 28 January 2026, starting at 10:00 a.m.
With the aim of raising public awareness of the fundamental human right to the protection of personal data and privacy, the Council of Europe, with the support of the European Commission, proclaimed 28 January as European Data Protection Day in 2006. Internationally, this day is also known as Privacy Day.
This year’s conference is taking place at a particularly significant moment for European digital policies. The European Commission has proposed amendments to a number of key digital-regulation instruments, including the General Data Protection Regulation (GDPR), the Artificial Intelligence Act (AI Act), and the ePrivacy framework, brought together under the so-called Digital Omnibus. The announced amendments aim to simplify the regulatory framework and foster innovation and the digital economy, while simultaneously raising concerns about maintaining a high level of personal data protection.
Although many aspects still require careful analysis, the Croatian Personal Data Protection Agency, the European Data Protection Board, and the European Data Protection Supervisor have highlighted that the proposed amendment to the definition of personal data goes beyond recent case law of the Court of Justice of the EU and exceeds the scope of a targeted amendment of the GDPR, potentially having a negative impact on the fundamental right to data protection.
In the context of these proposed changes, the central part of the conference will be a panel discussion entitled “Digital Omnibus: Deregulation in the Service of Innovation or a Threat to Human Rights?”, focusing on the analysis of the practical effects of the current and future regulatory framework on the development and deployment of artificial intelligence systems. The discussion will cover the experiences of AI developers, as well as the scientific and academic community, in applying the GDPR and the AI Act, with a particular emphasis on regulatory barriers that may in practice slow down innovation, but also on opportunities to adapt regulations in a way that enables technological progress while preserving a high standard of protection of individual rights. The panel will also address the challenges faced by the Croatian Personal Data Protection Agency in the effective enforcement of the GDPR.
In addition to the panel discussion, the conference will feature expert lectures that will present key aspects of artificial intelligence and personal data protection in a clear and practical manner. The lectures will address current issues related to the practical application of AI technologies, the responsible and secure use of AI tools, compliance with the GDPR and the AI Act, as well as the identification and mitigation of risks associated with the use of AI systems.
In the second part of the event, Anamarija Mladinić, Vice-Chair of the Consultative Committee of Convention 108, will present the work of the Committee on developing Guidelines on Data Protection in the Context of Large Language Models.
Register and join us in marking this year’s European Data Protection Day through engaging lectures and a dynamic panel discussion!
CONFERENCE PROGRAM
09:30 – 10:00 Participant registration
10:00 – 10:20 Opening remarks
-
Zdravko Vukić, Vice-Chair of the European Data Protection Board and Director of the Croatian Personal Data Protection Agency
-
Assoc. Prof. Zlatko Stapić, PhD, Vice-Dean, Faculty of Organization and Informatics Varaždin, University of Zagreb
-
Representative of the Ministry of Justice (tbc)
10:20 – 11:50 Panel discussion
“Digital Omnibus: Deregulation in the Service of Innovation or a Threat to Human Rights?”
Panelists:
-
Marko Trošelj (Head of the Department for International Cooperation, Legal Advice and Projects, Croatian Personal Data Protection Agency)
-
Ema Menđušić Škugor, PhD (Divjak, Topić, Bahtijarević & Krka Law Firm)
-
Duje Kozomara (Politiscope Association)
-
Marijana Šarolić Robić (Attorney-at-law, Vice-President of the CRO STARTUP Association)
-
Prof. Dijana Oreški, PhD (Laboratory for Data Mining and Intelligent Systems, Faculty of Organization and Informatics)
Moderator:
-
Anamarija Mladinić, Head of the Sector for EU Affairs, International Cooperation and Legal Affairs, Croatian Personal Data Protection Agency; Vice-Chair of the Consultative Committee of the Convention 108, Council of Europe
11:50 – 12:20 Break
12:20 – 12:40 Lecture
“Artificial Intelligence: Revolution or Hype?”
– Ema Menđušić Škugor, PhD
12:40 – 13:00 Lecture
“Regulation of Artificial Intelligence: From the EU Framework to National Implementation”
– Maja Vitaljić, Acting Director, Directorate for Digital Economy, Ministry of Justice, Public Administration and Digital Transformation
13:00 – 13:20 Lecture
“How to Use AI Tools and Remain GDPR-Compliant”
– Karlo Paljug Zorko, Head of the Artificial Intelligence Department, Croatian Personal Data Protection Agency
13:20 – 13:40 Lecture
“Risks in Artificial Intelligence Systems and Mitigating Measures”
– Anamarija Mladinić, Head of the Sector for EU Affairs, International Cooperation and Legal Affairs, Croatian Personal Data Protection Agency; Vice-Chair of the Consultative Committee of the Convention 108, Council of Europe
13:40 – 14:40 Networking Lunch
