Agenda - One Summit, Three Distinct Streams.

9 October 2017

Join us for complimentary breakfast, coffee and networking during registration from 08.00-09.00 am.

GDPR Roadmap

Introduction to GDPR Summit London
08:55 - 09:00 Main room
Anna Mazzone
Managing Director

Aravo Solutions

Suzanne Rodway
Group Head of Privacy


Ardi Kolah LL.M

Journal of Data Protection & Privacy

Rebecca Turner
Head of Compliance and Privacy


Coffee Break
10:55 - 11:25 Hall

Complimentary coffee, refreshments and networking

Ben Westwood
Data Protection Officer & Senior Privacy Manager

eBay UK

Richard Hogg
Global GDPR Evangelist


Jacqueline de Gernier
Area Vice President


Demonstrating Privacy by Design
13:00 - 13:15 Main room
James Hoggett
Global Black Belt - Office 365 Sales Specialist


Ken Linscott
Product Director Domains and Security


Darine Fayed
Head of Legal & Data Protection Officer


Jon Allen
Software Delivery Manager


Coffee Break & Networking
15:55 - 16:25 Main room
Jim Shields
Creative Director

Twist & Shout Media

Frederick Oberholzer
Global Head, Privacy Consulting


Anna Mazzone
Managing Director

Aravo Solutions

HR GDPR Briefing

Andrea Ward
Senior Associate

McGuireWoods London LLP

Dennis Holmes
Cyber Security and Data Protection Solicitor


Gert Beeckmans
Chief Risk & Security Officer

SD Worx

Mark Burnett
Director and Certified GDPR Data Protection Officer


By Matt Bruce, Microsoft

Gert Beeckmans
Chief Risk & Security Officer

SD Worx

Ty Winter
Global Privacy Officer

Cornerstone OnDemand

Mathew Lewis
SVP and Co-head, Global Regulatory Practice


Leon Atkins
Founder and CEO

Obsey International

Margaret Umoh
CEO & Lead Consultant

Steer Consult Ltd

Consent & Age Related Digital Rights

Lord Erroll will discuss the UK’s Digital Economy Act 2017 and the importance of the PAS 1296 Online age checking – Code of practice for those enterprises mandated to conduct age-checks. Dr. Bill Limond will explore the implications of the General Data Protection Regulation (GDPR) for the data economy. Dr O’Connell will speak about article 8 of the GDPR and how the PAS will assist those businesses required to obtain verified parental consent before processing children and young people's data.

Dr. Rachel O'Connell

The Trust Bridge


Building trust in a post-GDPR environment is an evolution but GDPR is a unique opportunity to prepare and organise data and information flows for the benefit of your business as well as legal compliance. GDPR is about good governance and trust. Without confidence in you, your organisation/business and your data controls, reputations slide and you risk undermining the assets that underpin your business.

Lisa Atkinson
Group Manager, Policy & Engagement Department


Coffee Break
11:00 - 11:15

Government seeks to advance the UK's global leadership in IoT and increase the adoption of high quality IoT technologies and services throughout businesses and the public sector. Adequate data governance is fundamental, not only in managing risks but also as a market differentiator.

Louise Bennett

BCS Security Community of Expertise


The General Data Protection Regulation defines consent as a “freely given, specific, informed and explicit” indication of wishes, either by statement or by clear affirmative action. According to the GDPR, it shall not be a legal basis for data processing if there is a “significant imbalance” between the controller and the data subject. It is incumbent on the controller to prove that consent has been given. The GDPR introduces direct obligations for data processors, and so from May 2018, processors will also be subject to penalties and civil claims by data subjects for the first time. As supervisory authorities enforce penalties on controllers for lack of proper vetting, processors may find themselves obligated to obtain independent compliance certifications. This panel will explore a range of issues relating to consent, such as the legal basis for processing, data provenance, and information rights

Krisztina Huszti-Orban
Senior Researcher

University of Essex

John Mitchison
Head of Preference Service, Legal and Compliance



This panel will explore the role of age verification, content labelling and the protection of children online in the wider digital context. In November, the British Standards Institution will publish a technical standard entitled PAS 1296 Age Checking code of practice. The audience for the PAS is:

  1. any organization that wishes to use age check services to conduct age checking, including online merchants and service providers who deal with age-sensitive products; and
  2. any organization providing age check services.

The standard was written to assist those businesses that are mandated to comply with legal requirements in conducting age checks, such as 18+, below 7 or over 16 years old. 

Dr. Rachel O'Connell

The Trust Bridge


GDPR practitioners provide advice and guidance:

Get answers to those those burning questions about GDPR that you don't want to ask out loud.

Throughout the day you can place your GDPR related questions in the TheTrustBridge’s GDPR jar, and during this final session, GDPR specialists will provide advice on running an effective GDPR alignment programme and answer your questions

Dr. Rachel O'Connell

The Trust Bridge



Get in touch for more information!

Venue address

155 Bishopsgate, London, EC2M 3YD

Get in touch

Jacob Ludlow