GDPR News » RAID (REGULATION – AI – INTERNET – DATA) Conference

EDPO just attended the RAID (REGULATION – AI – INTERNET – DATA) Conference, which happened on September 29-30 in Brussels. 

Here are the key takeaways:

1️⃣ Cross-border data transfers remain one of the toughest compliance challenges – Schrems II, SCCs, and adequacy decisions still dominate the debate.

2️⃣ Health data is a test case for innovation vs. data protection – EHDS, GDPR, and the AI Act must align to avoid fragmentation.

3️⃣ AI in finance is accelerating fast, but risks like bias, hallucinations, and over-reliance demand explainability and oversight.

4️⃣ The EU’s regulatory landscape is both protection and paradox; too much complexity risks becoming a “regulatory maze” but simplification and central enforcement could restore clarity.

5️⃣ Investors want predictability. Fragmentation and shifting rules deter funding, while smart, stable regulation could turn Europe into a real AI hub. 

6️⃣ Privacy is shifting from “privacy by design” to “privacy by strategy”. Executive boards now treat it as a business priority, not just a compliance checkbox.

7️⃣ Europe wants to lead responsibly. From pseudonymization in health data to explainability in AI, the emphasis is on trust and human rights, and not just speed.

👉 The main message: Regulation is not the enemy of innovation. When done right, it’s the enabler of trust, competitiveness, and long-term growth.

🤝 It was great to connect with so many of you in Brussels. See you next year!