24th Annual Data Protection Compliance Conference
Day 1 - Speakers Presentations day-2-button Day 3

 

The UK's leading

3-day Data Protection Conference

 

17th, 18th & 19th September 2025

 

Join us in the heart of the City of London for PDP's 24th Annual Data Protection Compliance Conference  

 

 

PDP Conference Hall - 2025

 

 

 

Speakers Presentations - Day 1

17th September 2025


Hear from industry experts as they explore the latest issues and regulatory guidance in data protection, offering practical insights on emerging challenges, compliance strategies, and best practices to stay ahead in a rapidly evolving privacy landscape.
 

Speakers Presentations

 

Conference Chair
 

The Conference is chaired by internationally-renowned Privacy Expert, Bridget Treacy

Bridget Treacy

 

 


 

Emily Keaney

Keynote Address:

ICO Support for Organisations in an Evolving Data Protection Landscape


Emily Keaney Deputy Commissioner, Regulatory Policy, ICO

 

This session offers a practical look at how the ICO will support organisations through the upcoming changes required by the Data (Use and Access) Act 2025.

 

Emily will offer a clear view into the ICO’s strategic priorities for 2025/26, with a focus on emerging developments in AI regulation, evolving approaches to online tracking, and strengthened protections around children’s privacy. The session will also explore how the ICO is shaping a regulatory landscape that actively supports organisational growth and innovation.

 

 


 

Georgina Kon

Cyber Incidents - Lessons From the Front Line


Georgina Kon Partner, Linklaters

 

With the frequency, scale and cost of cyber-attacks growing rapidly, focus on cyber from boards, stakeholders, regulators and the media has never been more acute. This session covers a practical approach to cyber preparedness, including creating and testing effective incident response plans, approach to regulatory engagement, and strategies in relation to affected data subjects - based on experience from the front line of advising on major cyber incidents.
 


Elenor Duhs

UK Data Reform – How Your Organisation Can Benefit From the Changes


Eleonor Duhs  Partner, Bates Wells

 

This session considers the innovations and simplifications in the UK’s data protection regime created by the Data (Use and Access) Act 2025 and explains how organisations can take advantage of them to best effect including in the context of data subject rights requests, legal bases for processing, international transfers, and automated decision-making. It also looks at the effect of the Retained EU Law (Revocation and Reform) Act 2023 and the practical effect of the change from “retained EU law” to “assimilated law” and what that means for data protection compliance.
 


Jamie Drucker

 

How to Use AdTech in a Compliant Way


Jamie Drucker - Partner, Bristows

 

The adtech industry has been under ever increasing regulatory scrutiny. This is especially the case given the volume of user data collected and the number of third parties which process it to deliver targeted ads. This session will focus on the main compliance challenges arising from the deployment of adtech, the regulatory landscape and some practical measures organisations should consider to mitigate risk.  

 

 

 


Duc Tran

Joint Controller Relationships - Should We Be Doing More To Recognise and Embrace Them?


Duc TranOf Counsel, Herbert Smith Freehills Kramer

 

Ever since the GDPR was enacted, organisations have tended to characterise their data-related commercial arrangements with other parties as controller-processor or independent controller relationships, keenly avoiding the joint controller construct. This has not been without good reason: the practical and legal challenges that arise out of recognising and documenting joint controller relationships are not insignificant. However, with regulatory guidance and case law increasingly highlighting the prevalence of joint controller relationships in a range of circumstances, this session explores whether and how we should be recognising and dealing with them in practice

 


Tim Hickman

Negotiating Data Protection & AI Clauses with Suppliers


Tim Hickman - Partner, White & Case

 

As data and AI become ever more essential to running a business, supplier negotiations are becoming a key pressure point. This session walks through practical strategies for negotiating data protection and AI clauses in supplier contracts, exploring examples of terms that are effectively non-negotiable (including standard processor requirements), terms that are worth pushing back on (such as overly broad audit rights or unclear sub-processing terms), and terms that might benefit from a bit of creativity (e.g., when negotiating AI-specific warranties, or restrictions on model training). The session explores how to frame negotiations around operational risk and regulatory exposure, and how to reach a mutually agreeable conclusion.

 


Andrew Gaillie

What the New Data Laws mean for Subject Access Requests


Andrew GalliePartner, VWV

 

The Data (Use and Access) Act 2025 makes several changes to how UK organisations should respond to subject access requests, including clarifying the rules around how much time an organisation has to respond; providing additional certainty on when an organisation may seek clarification from the requester; new provisions around the extent of the obligation to search for personal data in response to a SAR (searches must be "reasonable and proportionate"); and new rules on complaints handling. This session discusses how to implement these changes in practice and how they can assist DPOs manage SARs in more efficiently. 

 


Leonie Power

Erasing the Digital Footprint - Navigating the Right to Deletion


Leonie PowerPartner, Fieldfisher

 

In an era where vast amounts of data are collected about individuals, regulatory focus is turning to the right to deletion under Article 17 of the GDPR. This is evidenced by the announcement of the European Data Protection Board’s 2025 Coordinated Enforcement Framework, in which 32 Supervisory Authorities across the European Economic Area are taking part throughout 2025, which is focusing on the right of deletion. This session looks at the practical challenges organisations face in implementing the right to deletion. These range from technical difficulties in erasing data from all systems to balancing the right to deletion with other legal obligations, and the potential impact on business operations.

 


Panel Discussion: Practical AI Implementation

 

Alison Ledger - Universities Superannuation Scheme

Elham Azarpay - National Gas

Dominic Hutchinson-Backer - Brightwell (BT Pension Scheme)

Karen Blackman - University of Sussex

Lawrence Serewicz - Durham County Council 

 

Organisations have different risk appetites for AI. Hear how experienced data protection practitioners are supporting their organisation’s AI ambitions. Using real-world examples our panel will illustrate pitfalls and successes of recent AI implementation projects.

 

Alison Ledger

Alison
Ledger

 

Elham Azerpay

Elham Azarpay

 

dominic-h-b-bio

Dominic
Hutchinson-Backer

Karen Blackman

Karen Blackman

 

Lawrence Serewicz

Lawrence Serewicz

 

 

 

 

 

< Conference Overview Next - Day 2 & 3 Workshops >
 
 

Book Now

Sign up to PDP's email News Updates

View conferences by:



 

 

Conference

Contributors

& Sponsors:

 

Bates Wells
Bevan Brittan
Bristows

DAC Beachcroft

Eversheds

PDP Training logo black on white

PDPJ-conference-advert
Shoosmiths

vwv-logo-pdp-conference

White & Case

Womble Bond Dickinson

  


 

 

 

Conference
Testimonials

 

 

“Excellent!”
Simon Hall
IBM


“The updates on existing subjects were particularly useful.”
David Pickersgill
Johnson & Johnson


“The networking opportunities were very good. Very useful. Will attend again.”
John Pendleton
Old Mutual


“Speakers delivered good insights into various aspects of the GDPR”
Paul Woods
Government Legal Department


“Very informative and well executed conference”
Claire Robson
Kent & Medway NHS Trust


“The hotel facilities were excellent”
Andrew Dyke
Operation Mobilisation


“An interesting day packed with a plethora of useful materials. The conference never disappoints with the quality of speakers, providing insightful and pragmatic views and interpretations.”
Stephanie Allen
Shop Direct Group


“Very enjoyable day! Well worth attendance. Very good speakers.”
Sarah Rudge
OFQUAL


“All the sessions were informative and well presented. Very enjoyable!”
Fiona Cadger
Standard Life Aberdeen PLC


“Great conference with diverse topics”
Sara Ewen
Ashurst


“The presentations were excellent and thought provoking”
Catherine Bowen-Walker
Close Brothers


“A very well put together and well run conference”
Helen Worthington
Jerrold Holdings


“This conference cannot be improved. Excellent!”
Caroline Mair
Registers of Scotland


“A very useful and well organised conference”
Alistair Browne
British Council


“Very useful, practical and thought provoking”
Ben Moreland
LV=


“I'm extremely impressed by the quality of speakers and content covered. An excellent balance of public and private sectors”
Julie Hinault
States of Jersey Taxes Office


“The mix of speakers meant that a lot of ground was covered effectively.”
Karen Russell
British Arab Commercial Bank


“As usual the Conference was very well organised”
Paul Byrne
British Airways


“Excellent”
Greg Steel
Confused.com


“The conference content was excellent and thought provoking”
Kim Walker
Royal Air Force


“A very helpful conference. Took away some good ideas.”
Lesley Richardson
Financial Conduct Authority


“I found all the presentations very useful. The discussion panel was excellent... thoroughly enjoyed this conference and would not hesitate on coming back”
Scott McFarlane
National Trust for Scotland


“Good variety of relevant topics discussed throughout the day.  Speakers were engaging!”
Ellis Bryant
Saga Plc


“Great to see so many different sectors represented. Well organised!”
Jane Davy
University of Southampton


“Overall, an excellent, informative and useful day. Well worth attending"”
Colin Cluney
Department of Finance and Personnel


“All fantastic”
Leslie Waghorn
Virgin Media


“Another excellent year - very current and topical"
Stuart Gittings
Eli Lilly and Co.


“A very useful conference, a good broad range of speakers that were able to give practical advice"
David Mayers
Lisburn City Council


“All topics very relevant – most particularly the bits about social networking and security breaches.”
Jackie Evans
South Wales Fire & Rescue


“Once again a great conference, which gives me plenty to think about and implement!”
Kevin Giles
Glasgow Housing Association


“Very useful conference”
Alan White
Pitney Bowes


“Excellent. A well run event.”
David Higginson
ING Direct


“Great venue, superbly organised, very professional.”
Julie Barclay
Gambro Lundia


“Another excellent conference.”
Lynn Young
British Library


“Excellent venue, delegate packs and catering. Very focussed, practical and relevant.”
Albert Chan
Greater London Authority