In a world driven by data, companies across all industries around the globe face the persistent challenge of navigating this fast-changing and complex area of business and law.

We are pleased to present Deciphering Data, Baker McKenzie’s global webinar series on data privacy and security that aims to help you decode complex developments in cybersecurity, data protection, workplace privacy, regulatory updates, litigation and enforcement.

Our diverse team of cross-border experts offer their expertise and insight in this complimentary series to help you understand the legal lay of the land and prepare for the future of privacy.

New! EMEA Sessions (2022)

UK Data Protection Update
Monday, 20 June
11:00 am BST
Duration: 60 mins

Speakers: Benjamin Slinn (London), Joanna de Fonseka (London), Tamara Mackay-Temsey (London)

An update on UK data protection developments over the last 12 months covering the UK’s proposed data protection reforms, current regulatory trends, and recent developments in relation to data transfers.

Mass Data and Controller/processor Data Claims
Monday, 20 June
2:00 pm BST
Duration: 60 mins

Speakers: Paul Glass (London), Francesca Richmond (London), Kellie Blyth (Dubai), Nathalja Doing (Amsterdam)

A look back over the last 12 months, and anticipated developments over the next 12-18 months.

*Please note that in the section which discussed mass claims developments, the Marriott fine by the ICO was £18m and not £100m. We apologize for the misquote.

Developments in Employee Data Protection
Tuesday, 21 June
11:00 am BST
Duration: 45 mins

Speakers: Zelander Gray (London), Rob Marsh (London), Francesca Gaudino (Milan)

From the increasing trend using employees’ social media posts as evidence in investigations to developments on the use of D&I data to boost diversity in the workplace and employee monitoring, there have been many data protection developments in the employment sphere across EMEA over the past 12 months. This session will take you through some of those key trends and their impact.

The Cyber Security Landscape in Europe
Wednesday, 22 June
11:00 am BST
Duration: 60 mins

Speakers: Paul Glass (London), Lukas Feiler (Vienna), Elisabeth Dehareng (Brussels)

An update on cyber and data breach developments in the last 12 months. This session will include a look forward to upcoming legislative and regulatory requirements and a review of public / private partnership cyber models.

Online Advertising, Cookies and Children’s Data – Trends and Developments
Wednesday, 22 June
2:00 pm BST
Duration: 45 mins

Speakers: Benjamin Slinn (London), John McGovern (London), Patricia Perez (Madrid), Magalie Dansac Le Clerc (Paris)

This session will provide an update on the key data protection trends and developments regarding cookies and online advertising from a UK and EU perspective. We will also cover UK and EU data protection developments regarding processing of children’s personal data in an online context.

Data Ethics – What Does it Mean for Business?
Thursday, 23 June
3:00 pm BST
Duration: 45 mins

Speakers: Julia Wilson (London), Liz Denham (London), Michaela Nebel (Frankfurt), Ray Eitel-Porter (Accenture)

In our concluding session, we will cover the basis of data ethics with examples of what companies are actively doing within this space. We will also explore the crossover between ethics and AI and what impact the proposed AI regulation means for organisation.

Recordings of our recent webinars focused on the global, European, Latin American and Asian data privacy and security landscapes are available below. Please take a moment to watch the recordings of each session.

Global Sessions (2021)

Not ‘If’ But ‘When’: Cybersecurity Global Update
July 8, Thu

Cybersecurity from compliance to crisis. With the ever-increasing threat of ransomware and other cybercrime, we offer a bird’s eye view of cyber security strategy focused on addressing risks, keeping up with regulatory and compliance issues, and managing a cyber crisis. This session is designed to provide a global perspective of what’s keeping executives awake at night with the world’s threat actors becoming seemingly more sophisticated every day, and give practical guidance on how to address these risks and concerns and prepare companies for challenges ahead.

Session 1:
3:00 pm BST / 10:00 am EDT
Duration: 60 mins

Speakers: Michael Egan (Washington, DC), Francesca Gaudino (Milan), Paul Glass (London), Stephen Reynolds (Chicago), Martin Roth (Buenos Aires)

Session 2:
3:00 pm HKT / 4:00 pm JST / 5:00 pm AEST
Duration: 60 mins

Speakers: Francesca Gaudino (Milan), Paul Glass (London), Gillian Lam (Hong Kong), Adrian Lawrence (Sydney), Jo-Fan Yu (Taipei)

Journey Around the World: Data Privacy Global Update
July 13, Tue

The world has seen a swathe of new data privacy and cybersecurity legislation and enforcement actions in recent times. Many query if their global privacy programs should comply with the GDPR framework. We address this and also highlight the crucial elements to look out for in the key laws and regulations across regions including the GDPR and the CCPA, based on our global team’s wide experience working with our international clients.

Session 1:
3:00 pm BST / 10:00 am EDT
Duration: 60 mins

Speakers: Elisabeth Dehareng (Brussels), Roberto Grane (Buenos Aires), Brian Hengesbaugh (Chicago), Benjamin Slinn (London)

Session 2:
3:00 pm HKT / 4:00 pm JST / 5:00 pm AEST
Duration: 60 mins

Speakers: Anne-Marie Allgrove (Sydney), Elisabeth Dehareng (Brussels), Lex Kuo (Hong Kong), Benjamin Slinn (London), Kensaku Takase (Tokyo)

Europe (2021)

Data Protection and Brexit: Where Next?
July 7, Wed
1:00 pm BST / 1:00 pm CET / 8:00 pm HKT
Duration: 60 mins
In partnership with Lexology

Contact Julio Perez for a copy of the recording.

Speakers: Elisabeth Dehareng (Brussels), Paul Glass (London), Joanna De Fonseka (London)

The Brexit transition period formally ended on 31 December 2020, requiring UK, EU and international businesses to take steps to ensure they remain compliant with the two parallel, but separate, data protection regimes which now exist: the EU GDPR, and the UK GDPR.

Data transfers post-Brexit have naturally attracted the most attention, and the interim data transfer solution negotiated as part of the EU-UK Trade and Cooperation Agreement in December 2020 and subsequent announcement of the draft EU adequacy decision for the UK will have come as a relief to many companies.  However, there are also other data protection implications that companies will need to consider in addition to data transfers, as well as broader issues around the longer-term future of UK data protection law.

During this webinar, we will discuss the current state of play in relation to data protection and Brexit and the key aspects that UK, EU and international companies should consider going forward, including:

  • The current position in relation to EU-UK data transfers and the UK adequacy decision
  • Other data protection implications of Brexit to consider now, including requirements to appoint EU or UK representatives or identify alternative lead supervisory authorities in the EU in place of the ICO
  • Possible future developments in UK data protection law, and the UK’s future relationship with the EU in this area
Managing Workforce Data
July 8, Thu
11:00 am BST / 11:00 am CET / 6:00 pm HKT
Duration: 45 mins

Speakers: Francesca Gaudino (Milan), Michaela Nebel (Frankfurt), Julia Wilson (London)

There has been a recent trend of regulatory enforcement and employee activism in the arena of workplace privacy and data protection.  It is challenging to disentangle privacy and employment law considerations, and organizations should look at them holistically.  The pandemic has shone a light on workforce privacy concerns, so that employees are more engaged around them and are willing to speak up.  It has also accelerated some of the more intrusive data processing activities by employers, as well as throwing up some new-ish challenges like testing and vaccinating employees.  

In this session our expert panel will discuss the hottest workplace privacy issues of the moment including employee monitoring by way of productivity monitoring tools and DLP, processing diversity and inclusion data and its limits within Europe, the extent to which employers can get testing and vaccination data about employees, use of AI tools, particularly in the area of recruitment.

When Data Goes Wrong: Enforcement and Litigation Trends Across Europe
July 9, Fri
11:00 am BST / 11:00 am CET / 6:00 pm HKT
Duration: 45 mins

Speakers: Elisabeth Dehareng (Brussels), Lukas Feiler (Vienna), Yann Padova (Paris), Ilay Yilmaz (Istanbul)

Data protection enforcement continues to be on the surge with fines seeing a record year in 2020 across the EU. Action taken by regulators to enforce data privacy law across Europe continues to focus on the measures businesses put in place to protect the security of their systems and data with stricter scrutiny on their overall data governance strategy. In this session, our panel of experts will give a snapshot the enforcement trends we are seeing across the European DPAs, giving practical tips of how companies should approach their data privacy strategy to avoid regulatory action.

Cookies and Online Advertising: Recent Trends in Europe
July 12, Mon
12:00 nn BST / 12:00 nn CET / 7:00 pm HKT
Duration: 45 mins

Speakers: Magalie Dansac Le Clerc (Paris), John McGovern (London), Patricia Perez (Madrid), Davide Cascone (Milan)

Cookies and similar tracking technologies play a key part in the online advertising ecosystem, but have increasingly been in the crosshairs of the authorities in recent years. In this discussion, we take a look at recent regulatory and enforcement trends affecting these technologies in key European markets, including France, Italy, Spain and the UK.

International Data Transfers: What’s Next?
July 14, Wed
11:00 am BST / 11:00 am CET / 6:00 pm HKT
Duration: 45 mins

Speakers: Francesca Gaudino (Milan), Michael Schmidl (Munich), Benjamin Slinn (London)

Following the well-known Schrems II Decision, there has been great uncertainty on the future of international data transfers and how companies can remain compliant in this new environment. Recently, the European Commission has issued the long awaited new set of Standard Contractual Clauses for transfers from the EU to third countries and simultaneously, the United States Government and the European Commission are intensively working for the adoption of a revised version of the EU-US Privacy Shield applicable to transatlantic data flows. 

While the legal landscape seems to start taking shape, many questions remain up in the air and there’s still a long way to go to reach certainty in cross-border data transfers as a whole. 

In this session our expert panel will discuss the current legal context of international data transfers, also bringing to the table practical experience on what a data transfer assessment may look like and how to address the challenges inherent to the new set of SCCs, especially in complex and multifaceted business scenarios.

Latin America (2021)

Data Protection and Consumer Law
September 7, Tue
9:00 am Central Time (US and Canada)

Speakers: Guillermo Cervio (Buenos Aires), Diego Ferrada (Santiago), Maria Eugenia Salazar (Caracas)

Data protection laws and regulations keep changing at a rapid rate in the world, and Latin America is not an exception. In many cases, the human rights approach to data protection laws have resulted in a paradigm build to protect consumers and citizens, which overlaps with traditional consumer law. Data processing may be stepping over consumer protection laws. Judicial rulings on consumer law, punitive damages and data protection matters.

Join us to understand the Latin American approach to data protection in a consumer protection framework, including mitigation measures regarding consumer protection class actions.

Data Breach in Latin America: Overview of Applicable Regulations, Current Environment, Status of Enforcement and Best Practices
September 7, Tue
2:30 pm Central Time (US and Canada)

Speakers: Teresa Tovar (Lima), Carolina Pardo (Bogota), Roberto Grane (Buenos Aires)

Latin America was certainly not exempt of lockdowns during the pandemic and actually saw some of the longest in the global context. These measures did push digital transformation at a faster pace than ever before, hence creating opportunities for new ways of doing business in the region. At the same time, the trend of working from home has become mainstream and the preferred choice for employers and employees. 

These changes as in many other cases, did not come free of challenges. Regulators are very well aware of these and in the past year, Latin America saw enforcement actions related to these risks.

Join us in this session to learn about the data related risks and challenges in Latin America, including security incidents, litigation risks, fines imposed by regulatory authorities and how to respond to a data breached in order to conduct your business in a secure framework.

Phishing and Data Theft
September 8, Wed
11:00 am Central Time (US and Canada)

Speakers: Carlos Vela-Trevino (Mexico City), Alfonso Martinez-Bejarano (Mexico City), Karla Guerrero (Mexico City)

With the raise of the online banking and work-from-home arrangements due to the Covid-19 restrictions, phishing attacks and cyber security incidents have risen significantly. 

Join us to learn how the finance industry is being held accountable for these cases and how they are passing the buck. Additionally, learn in general how businesses can help prevent, reduce and manage risks, as well as how to quickly react to a data theft, analyzing recent developments, administrative actions and court cases. 

Protecting Your Digital Offering: E-commerce
September 9, Thu
10:00 am Central Time (US and Canada)

Speakers: Carolina Pardo (Bogota) and Flavia Amaral, partner of Trench Rossi Watanabe

E-commerce has become a platform and driver for growth, due to an increasing demand of digital offerings to promote products now that globally all industries are being affected by restrictions in opening commercial stores and physical locations.

Join us to discuss lessons learned of the past year and the best practices focusing on data privacy when developing and monitoring your Ecommerce offering, from terms and conditions, payment data, data processing and digital profiling.

Asia Pacific (2022)

Spotlight on Privacy Developments in Asia Pacific
March 28, Mon
1:00 pm HKT / SGT
Duration: 60 mins

Speakers: Jo-Fan Yu (Taipei), Manh Hung Tran (Hanoi), Toby Patten (Melbourne), Zhenyu Ruan (Shanghai), Dominic Edmondson (Hong Kong)

Beyond the pandemic, the data privacy landscape in Asia Pacific has undergone major changes. There has been a wave of new privacy laws, regulations and amendments across the region thus it is crucial to know how to navigate a range of regulatory and legislative requirements. In this session, our speakers will provide a multijurisdictional look at the latest developments in Asia Pacific impacting multinational businesses. 

Artificial Intelligence (AI) and Privacy
March 29, Tue
11:00 am HKT / SGT
Duration: 60 mins

Speakers: Divina Ilas-Panganiban (Manila), Kensaku Takase (Tokyo), Simone Blackadder (Sydney), Alex Toh (Singapore)

With the rise in digital transformation globally, there have been significant advancements in AI and keen interest across sectors to benefit from such technology. Yet parallel to this are concerns around privacy, ethics, bias and discrimination. In this session, our expert panel discuss what could be introduced in Asia Pacific amid regulatory developments in the EU seeking to govern AI systems more stringently. Our speakers will also highlight the current state of AI in the region and share key privacy considerations when deploying AI solutions.

Effective and Sustainable Privacy Compliance Programs
Mar 30, Wed
2:00 pm HKT / 8:00 am CET
Duration: 60 mins

Speakers: Sonia Ong (Kuala Lumpur), Paolo Sbuttoni (Hong Kong), Florian Tannen (Munich)

With varying and quickly evolving data privacy regimes globally and in Asia Pacific, privacy counsels are presented with an increasingly challenging task of implementing and sustaining effective privacy compliance programs for their organizations. In this session, our panel of experts discuss the essentials of a privacy compliance program and will provide practical tips on how companies in Asia Pacific should approach their compliance framework and strategy, including considerations from an EU GDPR perspective.


Brian provides advice on global data privacy, data protection, cybersecurity, digital media, direct marketing information management, and other legal and regulatory issues. He is Chair of Baker McKenzie's Global Data Privacy and Security group.