The Hague, South Holland, Netherlands
Contact Info
7K followers
500+ connections
About
Experience & Education
Volunteer Experience
-
Mentor
W@Privacy
- Present 3 years 2 months
A cross-organisation mentoring scheme for women professionals. Female mentees are matched with mentors who work in a complementary discipline of the profession. The programme aims to give mentees access to impartial and independent career advice from their mentors, and to give participants in the programme networking opportunities in W@ activities.
-
Board Member
Musica Antica
- Present 3 years 10 months
Arts and Culture
Musica Antica organises classical concerts in the broader The Hague area.
-
Member of the Policy Board
The Information Accountability Foundation
- Present 4 years 6 months
The IAF is a global information policy think tank that successfully works with regulatory authorities, policymakers, business leaders, civil society and other key stakeholders around the world to help frame and advance data protection law and practice through accountability-based information governance. As member of the Policy Board, I contribute to the discussions identifying the IAF's priority topics and provide updates and advice to the Executive Director, with a focus on EU data protection…
The IAF is a global information policy think tank that successfully works with regulatory authorities, policymakers, business leaders, civil society and other key stakeholders around the world to help frame and advance data protection law and practice through accountability-based information governance. As member of the Policy Board, I contribute to the discussions identifying the IAF's priority topics and provide updates and advice to the Executive Director, with a focus on EU data protection developments.
-
Member of the Decision-Making Oversight Committee
D66
- Present 4 years 9 months
Politics
At the November 2019 party conference, I was elected as a member of the national committee overseeing the decision-making process at party conferences.
-
Campaign Manager Regional Elections 2019
D66 Zuid-Holland
- 9 months
Politics
On 20 March 2019, the Netherlands went to the polls for regional elections, deciding the composition of the regional parliaments as well as the Senate. I have lead the campaign for D66 in the province of South Holland, where I have been a regional councillor for 8 years. Against expectations, the party was able to maintain five out of their seven seats, making it one of the best election results while the party was part of the national government.
-
Member of the Manifesto Committee
D66 Zuid-Holland
- 1 year 5 months
Politics
Part of the committee drafting the regional election manifesto for the 2011 elections.
-
Member of the Manifesto Committee
D66 Zuid-Holland
- 1 year 1 month
Politics
Part of the committee drafting the regional election manifesto for the 2007 elections.
-
Secretary of the Regional Election Committee
D66 Zuid-Holland
- 7 months
Politics
Secretary of the committee responsible for the administrative process to submit the electoral list.
-
Volunteer
Giving Back Nederland
- 2 years 1 month
Civil Rights and Social Action
Organisation of the annual workshop “Introduction to Politics and Debating”
-
Member of the Board
YoHoCo
- 1 year 1 month
Civil Rights and Social Action
Member of the Board of the Association of Young Professionals working for the Netherlands High Councils of State. I was responsible for the annual study visit.
-
Member of the Study Visit Committee
YoHoCo
- 5 years
Civil Rights and Social Action
Member of the Study Visit Committee of the Association of Young Professionals working for the Netherlands High Councils of State.
Publications
-
A Risk-Based Approach to International Data Transfers
European Data Protection Law Review
Since the Schrems-II judgment, a discussion is taking place on solving the challenges organisations face when transferring personal data out of the European Economic Area: can they rely upon data transfer risk assessments, and may they also consider the likelihood of the risks actually occurring? If not, it seems unavoidable that many international data flows will either need to stop or continue illegally, since the threshold to transfer personal data would become too high to work with on a…
Since the Schrems-II judgment, a discussion is taking place on solving the challenges organisations face when transferring personal data out of the European Economic Area: can they rely upon data transfer risk assessments, and may they also consider the likelihood of the risks actually occurring? If not, it seems unavoidable that many international data flows will either need to stop or continue illegally, since the threshold to transfer personal data would become too high to work with on a daily basis. This paper discusses why a risk-based approach to international transfers is both needed and legal, why the guidelines of the European Data Protection Board may be expecting too much from organisations and what a risk-based data transfer should mean in practice. Apart from legislative change, a solution can be found in increased accountability and transparency by organisations, to regain public trust.
-
On large-scale data processing and GDPR compliance
IAPP
This blog post describes what should be considered as large-scale processing under the GDPR, to help organisations determine if they are processing data that should be regarded as high risk, and thus requiring a data protection impact assessment.
-
The GDPR Implementation in the Netherlands
Blog Droit européen
On 22 May 2018, the GDPR Implementation Act (hereafter: the Implementation Act) was published in the Official Journal of the Kingdom of the Netherlands thereby completing the legislative process that officially started on 12 December 2017. This paper, published in the framework of an e-conference on the implementation of the GDPR in the EU Member States, analyses the legislative process and the Dutch GDPR Implementation Act.
-
Demonstrating Compliance to Regulators
Nymity
Demonstrating compliance is an essential part of privacy and data protection laws around the world. What it means to demonstrate compliance, and what kind of evidence should be provided however, has not been clearly defined. With the General Data Protection Regulation (GDPR) in sight, Nymity has therefore launched its next research projects: Demonstrating Compliance to Regulators, Based on a Rule of Law and The Possible Introduction of a New Certification Mechanism Tied to a Rule of Law. The…
Demonstrating compliance is an essential part of privacy and data protection laws around the world. What it means to demonstrate compliance, and what kind of evidence should be provided however, has not been clearly defined. With the General Data Protection Regulation (GDPR) in sight, Nymity has therefore launched its next research projects: Demonstrating Compliance to Regulators, Based on a Rule of Law and The Possible Introduction of a New Certification Mechanism Tied to a Rule of Law. The outcomes will be relevant for both organisations and regulators. During the course of these two research projects (“Regulator Projects”) we will cooperate with data protection authorities and data controllers in order to test our ideas.
Other authorsSee publication -
Krijg ik ooit het recht op een goede dood?
The Post Online
Over het recht om zelf te mogen beschikken over het eind van je leven.
-
Gevoelige informatie zit overal en bij iedereen
De Volkskrant
Onacceptabel dat het bedrijfsleven veel gegevens bezit van onschuldige burgers. Stop met het ongebreideld opslaan...
Other authors
Projects
-
Third Country Module of the EU Cloud Code of Conduct
-
Following the approval of the EU Cloud Code of Conduct by the Belgian DPA, the General Assembly has agreed to work on the development of a Third Country Module for the Code of Conduct. This Module should provide the appropriate safeguards to transfer personal data outside the European Economic Area. As Chair of the working group, I’m actively supporting the development of the Third Country Module and leading the debate between the representatives of numerous cloud service providers.
-
Demonstrating Compliance to Regulators & EU Data Protection Certification
-
From June 2016 onwards, I'm part of the Nymity Research project team on Demonstrating Compliance to Regulators & EU Data Protection Certification. The two projects aim to provide further clarification and guidance on the practical application of several provisions of the General Data Protection Regulation, ahead of its entry into application on 25 May 2018.
-
Rapporteur WP29 Opinion on the EU - U.S. Privacy Shield draft adequacy decision
-
During this project, I was one of the lead rapporteurs of the WP29 Opinion on the Privacy Shield, coordinating the input from various European data protection authorities.
-
Rapporteur WP29 Opinion on the data protection reform proposals
-
As co-rapporteur on the WP29 opinion on the data protection reform proposals, I was responsible for coordination the input of the various European data protection authorities on the draft Police and Justice Data Protection Directive.
-
Project Leader 37th International Privacy Conference, Amsterdam
-
As project leader I was responsible for the overall coordination of the 37th International Conference of Data Protection and Privacy Commissioners, that was held in late October 2015 in Amsterdam. The Conference consisted of a 1,5 day closed meeting of data protection authorities from around the globe and a 1,5 day open meeting for all stakeholders involved in privacy and data protection issues. In addition, two half days were spent on data protection related side events. During the Conference…
As project leader I was responsible for the overall coordination of the 37th International Conference of Data Protection and Privacy Commissioners, that was held in late October 2015 in Amsterdam. The Conference consisted of a 1,5 day closed meeting of data protection authorities from around the globe and a 1,5 day open meeting for all stakeholders involved in privacy and data protection issues. In addition, two half days were spent on data protection related side events. During the Conference week, a series of evening events was also hosted by the Dutch DPA.
-
Secretary Executive Committee International Conference of Data Protection and Privacy Commissioners
-
From October 2011 until October 2014, I acted as one of the two secretaries of the Executive Committee of the International Conference of Data Protection and Privacy Commissioners, assisting the Chairman and the members of the Committee with the organisation of the annual closed meeting of data protection authorities.
-
Rapporteur WP29 Opinion on Surveillance of electronic communications for intelligence and national security purposes
-
Co-author of the WP29 Opinion in response to the Snowden revelations, as well as of the Working Document that was published later in 2014
Honors & Awards
-
LeaDeR Award Most Effective EU Ambassador 2014 - finalist
Alliance of Liberals and Democrats for Europe
The LeaDeR Awards are an initiative of the Alliance of Liberals and Democrats for Europe Group in the European Union Committee of the Regions. I was a finalist for the 2014 Award for Most Effective EU Ambassador, following my candidature for the European Parliament and ongoing efforts to support European cooperation.
-
IMPACT Award for Passion (2H 2020)
TrustArc
The TrustArc IMPACT Award is based on our company core values. They are: Innovation, Make it Happen, Passion, Accountability, Customer Focus & Teamwork. Everyone in the company has the ability to nominate a co-worker for one of these core values.
Languages
-
Engels
Professional working proficiency
-
Frans
Professional working proficiency
-
Nederlands
Native or bilingual proficiency
-
Duits
Limited working proficiency
Other similar profiles
-
❤️ of Privacy, K Royal, JD, PhD
Connect -
Cosimo Monda
Director, European Centre on Data Privacy and Cyber Security
Connect -
Sean Falconer
Connect -
Debbie Reynolds
Connect -
Akarsh Singh
Connect -
Helena Bossini Castillo
LLM CIPP/US CIPM DPO
Connect -
Yazan AlMasri
Freelance CyberSecurity and Privacy Advisor, helping organizations develop an effective Information security and Privacy Programs, MSc, DPO, CISSP, CRISC, 27001 LI,22301 LI, CICP, PMP, ITIL
Connect -
Robert Baugh
Connect -
Diogo Duarte
LL.M., CIPP/E, CIPM, FIP, ECPC-G | Privacy Counsel | Data Protection Officer | GDPR Compliance Specialist
Connect -
Richard Merrygold
Connect
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Explore MoreOthers named Paul Breitbarth
1 other named Paul Breitbarth is on LinkedIn
See others named Paul Breitbarth