Taking the Temperature of Tech Policy Debates in Brussels at CPDP

Audio of this conversation is available via your favorite podcast service.

In this episode, we reflect on the 19th edition of CPDP (Computers, Privacy and Data Protection), the major Brussels tech policy conference, held under this year's theme "Competing Visions, Shared Futures." We discuss the dominant debates from the gathering, including over Europe’s Digital Omnibus simplification package, digital and tech sovereignty, researcher access to platform data under the Digital Services Act, the rising prominence of child online safety and the EU's move to ban nudification apps.

We feature voices from across the conference, including Tech Policy Press contributing editor Mark Scott, AlgorithmWatch's Oliver Marsh, the Knight-Georgetown Institute's Peter Chapman, the Center for Democracy and Technology's Marie Seck, Project SENTIMENT's Joel Baumann, Mozilla's Svea Windwehr, and conference director Barbara Lazarotto.

And, you’ll hear two interviews: a conversation with European Data Protection Supervisor Wojciech Wiewiórowski on whether the GDPR needs reform amid the simplification push, and a wide-ranging reflection from CPDP founder Paul De Hert on how the conference and the field of data protection have evolved over nearly two decades, the value of reasoned disagreement, and why Europe should be more self-critical.

What follows is a lightly edited transcript of the discussion.

Justin Hendrix:

In today's episode, we're going to consider some of the themes and ideas discussed in Brussels last week at one of the year's most important tech policy conferences where I met my colleague, Tech Policy Press Senior Editor Ramsha Jahangir. Morning, Ramsha.

Ramsha Jahangir:

Good morning, Justin. How are you?

Justin Hendrix:

I'm doing well. It was great to see you last week in Brussels. We had rainy weather to start the week, but it got beautiful as the week went on.

Ramsha Jahangir:

It did. I think you got the good side of Brussels and the bad side of Brussels.

Justin Hendrix:

So we attended the 19th installment of CPDP, which stands for Computers, Privacy and Data Protection. This wasn't your first time participating in this conference. What's this thing about?

Ramsha Jahangir:

It wasn't, I think it's my third time. And it's a great conference to be at. It's a great mix of academics, legal experts in civil society and policymakers, the usual Tech Policy Press community. And I think it's a good place to gauge what the mood is in Brussels on topics relevant to our field.

Justin Hendrix:

Well, the best thing for me was getting to see so many folks from the Tech Policy Press community, contributing editors Mark Scott, Amber Sinha, so many of our contributors from across Europe and beyond. I really just appreciate the opportunity to be in on place with you all. We spend so much time on Zoom and on calls and spread out around the world.

Ramsha Jahangir:

It was really nice to see you as well and not be the only one present in these meetings for once. So it was great meeting Mark and Amber as well. And also Ashley, our assistant editor, who I hadn't met before.

Justin Hendrix:

So this was a big conference. There were four days of activity, three full days of sessions, hundreds of speakers, dozens and dozens and dozens of panels, just so much going on.

Ramsha Jahangir:

To many people, when I introduce CPDP, I say it's the RightsCon of Brussels. So the scale is obviously not as big as RightsCon, but it really does capture all the debates happening in terms of privacy and data protection. And especially this year, the simplification push in Europe and the child safety debate are picking up steam, and as you could see with the conference, were also dominating the discussions.

Speaking of community, Barbara Lazarotto, the director of the conference, talked about the challenge of packing in all of the themes and balancing the perspectives of the community.

Barbara Lazarotto:

Well, helping to organize CPDP is a learning experience for sure. One thing that I found very interesting is how to balance industry speakers with academic speakers and policymakers to make panels cover different areas on the same topic from different angles, but also balance different topics that sometimes overlap and how you do it, so how you manage the overlaps between topics and make the conference quite interesting for everybody.

Justin Hendrix:

So the high level theme for the conference was "Competing Visions, Shared Futures." My general sense is we heard some degree of competition between visions for European policy amongst the Europeans that were in attendance, but the most significant contest was the one between the US and Europe. Issues like tech sovereignty and the future of democracy were at the fore. We heard a lot about digital sovereignty in particular, and a major point of discussion was the Digital Omnibus. Remind our listeners on this side of the pond what that is.

Ramsha Jahangir:

Digital Omnibus we've been covering extensively since last year, I would say, at Tech Policy Press. So it's a proposed EU legislation simplification package that bundles across several laws. The goal is to reduce overlap, redundancies, and streamline compliance. Most recently, the European Parliament and Council reached an agreement over the AI Omnibus, which is meant to streamline how the AI Act is implemented and aligned with other digital laws. So I think the commission is expected to finalize the AI Omnibus over the summer. And then we're also expecting the Data Omnibus that is meant to streamline GDPR enforcement. So it's quite a relevant debate right now. It's also quite contested, as we saw at the conference. And I think the predominant concern is that people think the regulation is being disguised as simplification.

Justin Hendrix:

Yeah, these were probably the sessions that got the most heated. We spoke to a bunch of folks who were on the sidelines of these sessions. Here's what Oliver Marsh from AlgorithmWatch had to say.

Oliver Marsh:

Well, I've made the joke several times that all the Digital Omnibus panels should have been simplified into one big Digital Omnibus panel, but also they were widely different. Some of them incredibly detailed at article level and some of them broadly at kind of narrative and what's the process and how the process of EU lawmaking is failing if we're going towards Digital Omnibus. So you get quite a lot of different perspectives, but I'm not always sure we were having the same discussion.

Justin Hendrix:

Oliver pointed to a disconnect between the commission statements on the omnibus and the views of many in civil society, which seems to be something we're seeing more and more.

Ramsha Jahangir:

I think the disagreement and people talking about the same thing and meaning different things is actually a very accurate observation, I would say. But also we could see on a higher level, some panels were debating article level amendments while others were discussing systemic failure of EU lawmaking. So there's kind of no shared definition of the problem that omnibus is supposed to solve. And I think that's why there's a lot of frustration specifically within civil society in terms of what is the Digital Omnibus? Is it a targeted consolidation of existing rules or is it a broader attempt to reset how EU tech regulation is constructed and enforced?

Justin Hendrix:

The other theme underlying much of the discussion was tech sovereignty, digital sovereignty. Here's what our contributing editor, Mark Scott, had to say.

Mark Scott:

I think there were four separate conversations on digital sovereignty going on intertwined across multiple panels and sort of in the coffee breaks, et cetera. One is just the high politics of there's the tech sovereignty package coming from the European Commission now on June 3rd. So what does that look like in terms of high politics, the underlying commission laying out what they think geopolitically.

There's the corporate focus. There are companies here at CPDP laying out like, "No, we should keep interoperability and connectivity." And I have some sympathy for that because as much as some Europeans may want to pull back from US tech, US tech is also useful for many products and services and you can't just rip and replace overnight. That's just impractical for a variety of reasons. So there's that sort of corporate rearguard action going on in terms of like, "We're good European citizens too. We should be part of it."

The third one is the more EuroStack focused, "Let's rip and replace. We need European solutions for European problems." That is also being supported by European industry. So there's a sort of bizarro corporate element going on on the other side and that's fine. This is what ... They are the business decisions to be made.

But the one that I was most hopeful about was more nuanced in which there was a realization that you can't just make European tech products for Europeans. That's not how the internet works. So how do you build in common standards? How do you look to work with like-minded countries such as Canada, South Korea, Japan, and even the US to a degree? Because again, the internet is not regionalized. We should not Balkanize it via services or goods.

And that I took a bit of hope that we are seeing some nuance in what digital sovereignty looks like. You don't just need to create a German AWS. You might be able to create common standards, open source things that allow people and primarily citizens to make a choice rather than saying, "You must now buy French because we don't like the Americans anymore." That's unrealistic and also not what European citizens want. So that nuanced conversation is finally starting to happen and I take hope from that.

Ramsha Jahangir:

I think Mark was quite correct in terms of terming the tech sovereignty debate. I quite agree with his assessment, as always. In most cases, Mark is always right. Digital sovereignty has become sort of a container term, I think, that allows incompatible objectives to coexist without being resolved. And my biggest pain point is Made in Europe discourse because that's not really how the tech stack works in practice, but that's just my take.

Justin Hendrix:

Yeah. We've had a lot of debate on Tech Policy Press about the extent to which Europe could plausibly move to its own technology platforms and stack, the extent to which real people would even want that. I'm sure we'll continue to see lots of discussion about that over the next few months.

Now it's a niche topic, but there was also a good amount of discussion about researcher access to platform data under the DSA. That's a topic we have probably given more space to than any other publication at Tech Policy Press. And commission broke a little bit of news about the volume of data access requests that have come through under Article 40.

Ramsha Jahangir:

Peter Chapman from the Knight-Georgetown Institute spoke to that following a panel on the subject

Peter Chapman:

Knight-Georgetown Institute convened a panel on the current state of platform access under the Digital Services Act. And we heard experiences from researchers and officials at the European Commission about how to expand public and private data access with digital platforms. The commission broke some news saying that 49 submissions had been entered under Article 40.4 of the Digital Services Act, which enables independent researchers who meet certain conditions to access non-public information from digital platforms. None of those 49 submissions have yet been approved, but it's an area where there is a lot of activity.

Justin Hendrix:

And of course, Mark was the moderator of that panel. Afterwards, I asked him when we might expect to see the first PhD minted off of data acquired under the DSA.

Mark Scott:

So I am very skeptical that will ever happen, particularly when it comes to private data. In terms of Article 40, largely without getting too granular, there's a 40.12 article which is public data, what we put up publicly. The private data, Article 40.4, is more proprietary systems, how the recommended systems work, et cetera. If I was a betting man, which I am not, I would say 2030 would be the earliest we'll get any type of academic literature peer reviewed in a publication.

Justin Hendrix:

Ramsha, you ran a panel that was focused on a more immediate problem, the ways in which researchers are being targeted by the Trump administration.

Ramsha Jahangir:

Very timely, but unfortunately it was on a Friday afternoon where CPDP is a very long conference, it's a three-day conference, so we didn't get quite the attendance as we expected, but I think this is a very important conversation to be had.

And what we discussed was there's a difference between pressure that's designed to stop specific work and then there's pressure designed to send a signal to the whole field. And these attacks, not just only from the US but also within Europe as we've shown with our latest piece by Dean Jackson charting a transatlantic influence within Europe within the far right groups, those are actually sending a signal to the whole field.

And there's also this question that came up during the discussion about who leads the fight. So the news had just been reported ahead of the conference that the commission is considering a GDPR complaint against tech companies for disclosing personal information of 30 staff members who were mentioned in the report shared with the US government. And the question was, would that apply to the researchers and others named in the reports as well? And if yes, who gets to file a GDPR complaint on their behalf?

Justin Hendrix:

So you mentioned our colleague, Assistant Editor Ashley Faler. She spoke to a bunch of folks at the conference as well, including the Center for Democracy and Technology's Marie Seck, about some of the discussion at the conference on issues like child online safety and tech-facilitated gender-based violence.

Marie Seck:

I'm on the Online Expression and Civic Space team. We work on all things related to free expression online. These days, that's a lot of the DSA. And the reason I'm here today is, well, yesterday we organized a workshop on age gating and how to think beyond that as a concept because that's a lot of the conversations we're having these days in the EU space is related to child online safety and we are interested in that in so far as it relates both to the human rights participation and of privacy too of children and human rights safety, of course, and the freedom of expression and rights participation of everyone online.

Justin Hendrix:

She mentioned the steps the EU is taking to address nudification apps.

Marie Seck:

Today I'm here in my capacity as a TFGB program collaborator. I work on the intersection of the DSA and the TFGB angle of it. So we have been researching how the DSA allows companies and platforms to deal with risks of gender-based crimes online. The very specific topic we've been talking, I've been diligent just talking with my colleague Julie Lübken from the CCDH, is the Grok case that kind of broke out five-ish months ago, beginning of 2026. And that kind of prompted a lot of outcry, a lot of interrogation about why currently the EU toolbox we have doesn't allow us to prevent various instances and kind of lacks also remedies. So that's a good conversation we've been having. It's kind of also led to something new, the nudification app ban that's been integrated into the AI Omnibus conversation.

Ramsha Jahangir:

Child safety and nudification is another very popular and timely topic within Europe, but also globally. And with the AI Omnibus I mentioned earlier, Europe is moving forward being the first, I think, not country, but region in the world to ban nudification apps. And we're continuing to cover that extensively in terms of what that looks like in practice, what are some of the considerations that Europe will take into making this work. So stay tuned, I would say, on this topic.

Justin Hendrix:

There was also an interesting cultural element at this conference, something that maybe sets it apart from some of the tech policy conferences I attend. Joel Baumann, a member of something called Project SENTIMENT, which explores the intersection of privacy and intimacy in human chatbot interactions, spoke about this element of the conference.

Joel Baumann:

I think it's also one thing that makes, if we're going to do a shout-out for CPDP, it makes CPDP super interesting that there's this cultural element to it. And we've heard it from policymakers who come by here and say, "This is something that makes this conference even more valuable because there's this other strand, which is the cultural strand." And we're very, very grateful that we were invited here.

Ramsha Jahangir:

What was your favorite session, Justin?

Justin Hendrix:

There was a session on Friday titled, Is Progressive Tech Policy Dead: Evaluating Strategies for Positive Change in a World in Turmoil. It was moderated by Open Future's Zuzanna Warso. One of the provocative statements that I heard that someone made during the Q&A was this idea that tech policy is dead but tech politics is thriving. There's this profound conversation going on that is in some ways disconnected from the detail oriented legalistic policy discussion happening among kind of traditional tech policy experts. And I think we heard a little bit of that in this panel, this kind of set of concerns that the public has about artificial intelligence, about data centers, about the various kind of ways that tech has entered our lives. Svea Windwehr from Mozilla spoke to me about it after the panel.

Svea Windwehr:

I think for me, the main message I want to get across is this point on not just coalition building, but getting comfortable around different people in the movement pursuing different strategies and not undermining each other even if we might not always understand these other strategies. So what I'm saying is that I think as a digital rights movement, we need to develop separate flanks. So there need to be radical people on the streets who can apply pressure, who might radicalize others, who might be really good at speaking to the public and explaining issues in a way that connect, but there must also be people who still engage with the parliamentary institutional process of policymaking. And I think that combination is central, but not every organization out there has to pursue both those goals. So I think that is the main message I want to get across.

Justin Hendrix:

So what you're trying to imagine is a world where regular people are engaged on tech policy issues.

Svea Windwehr:

Exactly. So I think we need to find a way to make tech policy relevant for people who worry about how they're going to pay their rent, who worry about AI, who worry about the climate crisis, worry about employment. I think this is our challenge for this community as a movement to make what we are working on relevant, because otherwise we'll only ever speak for ourselves.

Justin Hendrix:

We also had the chance to sit down with the European data protection supervisor in the basement of the Maison de la Poste, the makeshift podcast studio that was set up underneath the conference. I think we're going to listen to that full discussion. It runs about seven minutes.

Wojciech Wiewiórowski:

Wojciech Wiewiórowski. I'm the European Data Protection Supervisor. European Data Protection Supervisor is the controlling institution in the European Union, which is supervising the central agencies and central institutions of the European Union. So if you come to Brussels and you have the data protection problems with the hotel or even with the police, you go to the Belgian authority. But if you have the problems like that with the council, your European Parliament, or the agency, then it's EDPS who is dealing with it. We are also the advisor in the legislative process in the European Union.

Ramsha Jahangir:

Thank you so much for your time. We're talking now with, it's been nearly a decade since adoption of the GDPR and obviously this is a law not that has significance for Europe, but also globally. So a lot of sessions at CPDP have been focused on the Digital Omnibus, and simplification is the bigger topic here in relation to GDPR. So in your perspective, does GDPR need a review and what are the most pressing points?

Wojciech Wiewiórowski:

We are of the opinion that we don't need the whole review of the GDPR, especially not the review of the principles of this legal act and principles of data protection, but definitely some adjustment is needed or at least would be comfortable. And since the European Union decided to go into the idea of simplification and kind of clarification of the laws in the EU, the omnibus' action is directed to this very goal and the commission proposed the adjustments to the GDPR as part of this process.

Ramsha Jahangir:

And do you think it's simplifying compliance under GDPR or is it redefining the boundaries of what GDPR essentially protects?

Wojciech Wiewiórowski:

The Omnibus itself is adjusting. These are the targeted changes in the GDPR. So we cannot say that this is changing the situation very profoundly. There are some proposals which we fully support and we think they are directed to the real clarification of the law, but there are also some which actually will make more hassle than we had so far. So the discussion is not an easy one. It's both about the practice, but also kind of a principle discussion on the data protection as a fundamental right.

Ramsha Jahangir:

A lot of civil society advocates and privacy advocates have said that the simplification push is going to essentially gut privacy protections for Europe. To what extent is that true?

Wojciech Wiewiórowski:

It might be true. It might be true. Some of the proposals in our opinion are going too far and, first of all, would not simplify the situation, but also can be a danger to the general protection of the personal data and the general protection of privacy in the EU.

Ramsha Jahangir:

Could you give an example of what are ...

Wojciech Wiewiórowski:

Yes, for example, the proposal of the change of the definition of the personal data. That this discussion is probably necessary, but not in this way that was proposed by the commission. Commission proposed just six months after the judgment of the Court of Justice to petrify part of this judgment into law. In our opinion, that's a little bit too sudden this decision and without the real considering what will be the consequences of the change of the definition. Change of the definition may undermine the whole case law that we had so far from the Court of Justice as far as the scope of the data protection is concerned.

Ramsha Jahangir:

What are some of the challenges that you're advocating for at this conference and also ahead of before this is all finalized?

Wojciech Wiewiórowski:

Well, we think that proposals connected with the scientific research are really very good. Also, part of the proposals connected with the so called cookie banners and cookie problems, let's say, that we have, as well as the e-privacy changes are acceptable and with some fine-tuning they may really help us to deal with the data protection law and privacy protection law in Europe. While at the same time, as I said, the proposals of the change of the definition or the change of the role of the European Commission as the lawmaker, actually, in the field of the data protection are going too far.

Ramsha Jahangir:

And of course there's this discussion about the role of AI systems as well, because essentially it's changed to inferred and combined data, and data protection considerations are very different. So do you think GDPR still functions in a meaningful way with AI entering this space?

Wojciech Wiewiórowski:

Yeah, GDPR is technological neutral and that was the idea from the very beginning. We hear many times that the new technologies which we meet in the world will undermine data protection law. We heard it when the internet started. We heard it when blockchain appeared. We hear it now with this discussion about the AI, especially agentic AI. And I can say there are definitely the challenges, and agentic AI is a very good example of that, but GDPR is ready for that. When I say that agentic AI is a challenge for GDPR, that's mainly because the problems with the controller process or definition for the agenetic systems.

Justin Hendrix:

So he also gave closing remarks at the end of the summit.

Ramsha Jahangir:

Yeah. The closing keynote from the supervisor was interesting. He reflected on the state of EU data protection law and the broader push to simplify the digital rule book as well. And I quite always appreciate his honesty when he's talking about these issues. His message is very clear like, yes, the digital rule book is getting complex, but fixing that can come at the cost of clarity or enforcement. And once you start constantly rewriting or patching laws, especially across GDPR and the wider digital stack, you risk recreating exactly the kind of confusion the system was meant to avoid.

Justin Hendrix:

You also sat down with Paul De Hert who founded CPDP.

Ramsha Jahangir:

Yeah. Paul is one of Europe's leading experts on data protection and privacy. It was great chatting with him, reflecting on the upcoming 20th anniversary of CPDP and how it's evolved from a relatively small privacy focused academic gathering into a major meeting point. So let's listen to him.

I catch you at a very interesting moment for data protection. Obviously it's, what, 10 years to GDPR, 20 years to this conference almost. We're just one year away from the 20th anniversary. How has the landscape changed since you started this?

Paul De Hert:

For me, in a good way. So in the '90s there were rules on data protection, European data protection, data privacy, but hardly any enforcement. But there were authorities already, so there was a machinery set in place, some academics turning towards it, mostly lawyers. But most people considered it as a good governance thing, quite useless in court, no practical value, no finding, no imprisonment of that. Although privacy was alive, like in the rest of the world, we were seeing digital machines and so on, but this legal apparatus was very vague and principle-based open norms and nobody saw the connection with real life problems.

I did a little bit because I was working in law enforcement issues and the police used data protection in a strategic way to demand more independence in Europe, promising us that they would apply data protection. So they were one of the first stakeholders that saw the strategic importance of data protection to claim more privileges. So I was on it already in 1990 with the Schengen Treaty when we opened the internal borders, no more policing at the internal borders, and in exchange the police got more processing powers and other powers, but also data protection.

So I think that experience put me on the front line of what was happening then. I connected with the pioneers of European data protection. My own mentor was one, but I met all the others. I'm also in between all the generations, between the boomers and the X and so on. I'm always an in between. But then with that in between position, we started organizing our first conference, believing that it was important, that it could affect human interest and not only commercial interest or state interest. And what we noticed that was interesting was that this generation of pioneers was very generous in participating and wanted us to understand data protection rights. And so what we saw at our first conference, which was two-thousand ...

Ramsha Jahangir:

Seven?

Paul De Hert:

Yeah, something like it, I think. Well, we have done 19 editions. Yeah, yeah, that must be. Was the kind of reversal of roles Peter Hustinx and other pioneers were teaching us, the academics, what data protection was. And so that was an interesting ... And they were very concerned about understanding it right and meaning this not in terms of legal clarity, "a rule means this," but the principles and the philosophy and the approach. And that was a lesson that I still carry with us.

And then with the GDPR and stuff, a market for privacy professional was opened. IAPP came to Brussels, another certification of the job was being installed, more and more demand. It was a top 10 job position for years and it was combined often with cybersecurity or data security tasks in companies.

But suddenly my conference from being a nicely focused mainly academic conference transformed into a bigger thing and we were very happy with it. And we had political scientists amongst us who said, "Yes, that's the way. Let's not make it an academic conference, but a platform organized by academics to receive all the stakeholders." So we're not an activist conference. We put support and help and money in NGO work in Brussels as a kind of respectful approach to these people, but we ourself define ourselves as a platform where everybody who wants to speak out on privacy, data protection, and connected issues is welcome.

Ramsha Jahangir:

I wanted to come back to one thing before we come. It's very interesting that you presented data protection and the beginning of it and a principle and something that is of value not just to provide professionals working in this space, but also public value. And now the space has grown, but do you think that value has translated outside this setting?

Paul De Hert:

That's a good question. There is a technocratic dimension towards data protection, but we live in a part of Europe, and I guess the rest of the world is technocratic, but it's the unwritten constitution. The weakest part of data protection is participation. So it is rather good in transparency, European data protection, creating transparency. It is working hard on accountability. But participation, it's written nowhere. So even, you take, in impact assessments, there are no clear laws on participation. The data subject is protected, but the message is, "Go to that expert authority, that the DPA, that will take care of your interest." Yeah? So a kind of vigilantist model of privacy. That should be the foundation of a culture of privacy. I hope it's there.

And some of us now, we love to read very populist narratives. And I have a belief that a lot of privacy themes are landing amongst the people. But then we say, "Oh, populist," and we don't do anything with it. The question is, does privacy affect people's lives? Yes. Does that show in the mainstream media in a very selective way? But things like digital wallet, digital identity, digital Euro, many people are scared of it and they don't want it. And they have seen during the pandemics how all these digital tools with all their promises are serving the cosmopolitans, but not necessarily people, and can turn within a switch into state controlled surveillance tools. And I don't think the EU response to that is efficient, adequate, or sensitive.

And then comes this less visible technocratic agenda of Europe and its nation states comes to the fore because they have those things in mind, but they present it as, "Yeah, with the digital wallet, you have your degrees from Country X, you can move to Portugal, Country Z, and you have no problems in clearance. The wallet contains all the necessary documents." But then they put in vaccination status and God knows what else with the digital Euro. The basic questions — "Can we opt out?" — are not addressed and so on. And people feel that.

There's a lot of interesting stuff, and it's happening at ground level of, "We only accept cash." And that kind of resistance, that is there I stop being a data protection person and I'm becoming a privacy person. I really understand why people are doing that. I really understand why people are turning away from registration systems that are binary, not adequate, not fluid and so on. So in one way or another, I find more interesting narratives amongst the people and more relevant narratives on privacy than 20 years ago.

Ramsha Jahangir:

Maybe I could ask you about this year's theme.

Paul De Hert:

About what?

Ramsha Jahangir:

About this year's theme. It's called, what is it, Competing Visions, Shared Futures?

Paul De Hert:

Yeah, yeah, yeah, that is the-

Ramsha Jahangir:

And obviously data protection and privacy has also become a political story, especially with the simplification and omnibus within Europe and geopolitical circumstances outside. So how did you come about this theme and what are the challenges that come with the competing visions?

Paul De Hert:

Yeah, we took that theme and we softened it, but it was a hard message. If you want CPDP to be relevant, we need disagreement. We need to have all the guys and all the others, bad or good. And the question is not who's bad or is good. We need to have them all, especially in a changing political landscape. We're going to die as a conference, we're going to have a closed community without that, and that's not what we want.

So we were really panicking, and other conferences too. And so we put that a little bit more upfront because there were resistances. And last year we had a Gaza role. Europe was divided on the Gaza with countries still not accepting the same analysis as others. So there was a divide within in my scientific committee because this conference is supported by a scientific committee, a divide at a political level.

So with the theme of this competing visions, we want to stress this necessity to find the disagreement and to have a reasoned debate about it. So the bad guys are not the ones that are using my stages for defending their vision. Even if you think they're bad, these guys at least show up. And so there's a lot on the back of my mind about who is really my enemy.

And so Europe is making a big thing about European innovation and European tech. The European firms are not coming to my conference. They just use the political secret back doors to negotiate their deals as they have done with omnibus, but I like the companies that seek my public debates. So I'm not happy with this attitude amongst political and economic business people to use the traditional informal channels and to avoid public debate.

And so now we have good panels because the commission is presenting the omnibus and we're hearing interesting things now. So at least we're functioning at that level. So now it's clear, but the omnibus debate should have been prepared better at conferences like this. And so one of the arguments against the commission is that it wasn't evidence-based what they are ... And so all that work that you should do to prepare change could have been done more in the open. And so that is a bad chapter in the history of rulemaking of Europe.

But anyway, it is also a good refreshment for us that our narrow focus on big tech from China and the US is not perhaps the only focus that we should apply. There are demands here and so on. And it's to get that clear, to get defenders of that change. That is happening now and it's making me happy because we get a reasoned debate and we always wanted that. It should have started earlier, but it's there now. And I hear good counter arguments against all the arguments against the omnibus by the people who are making the omnibus. And so that is still worthwhile. And I applaud that, that they take our stage and that they defend themselves with arguments and so on.

So the good thing is it's all on YouTube, it's going to be on YouTube or other channels, because these debates are precious. You don't always read about these arguments and counter arguments in journals. And it's especially through dialogue and through the critical mass amongst the audience that you can straightforwardly go to certain critical points that need to be clarified.

So one of the traditional arguments -- was there a proper impact assessment of the omnibus? -- was well countered today in a panel by DG Connect. And they should have done that earlier because their arguments had some weight. And if you know how EU regulation works, then it's not only a price impact assessment, the whole process is long and it's based on dialogue between stakeholders and so on. So there are counter arguments against the way that omnibus was put on the agenda and I was happy to hear them today. That doesn't mean I follow them. I'm happy they were spoken out.

And did I answer your question?

Ramsha Jahangir:

Absolutely. I mean, you've found a way to manage the competing visions. Shared future is obviously another open question. How do we get there?

Paul De Hert:

Yeah. I think Europe should be more self-critical. That's, for me, clear. Also, it wasn't a custom here at this conference and in academic literature to be very critical of Europe because they often perform better than nation states, but Europe is now put in a critical spotlight and I think that is useful.

And major players like Germany dictating a lot of the agenda of the EU, like the omnibus, some say it's a German agenda that we are applying, they need some pushback. And I think this conference is useful, but others are too. So there was a recent report on freedom of expression in Germany and their tendency to prohibit all disagreements. And it was good to have that not voiced by American administration, because then we can disregard it, but by the commissioner of human rights of the Council of Europe. So I think that's the way forward.

We are not agreeing within Europe on many things, on economic interest or on geopolitical questions. The religious wars of the 15th, 16th century have taught us that disagreement is not solved by coercion but by acceptance of disagreement. And so the way forward for Europe would be to be self-critical. And I would love to have more discussions on freedom of expression at this conference and all the other more sensitive spots of EU lawmaking, also the more technocratic approach to human rights protection, because we could learn from that. What could we learn from that? If your account is blocked, for people that is a privacy violation, but technically you have to voice that as a problem of freedom of expression. But I don't care. It's a digital human rights infringement that has GDPR implications, that has ... but we hear very little about it.

And so the reliance of Europe on private actors to do the filtering and the cleaning of the space for freedom of speech, that is a problematic one. And the approach is, "We first clean, because the problem is now, and then we will look at the damage done to certain individuals," I don't think that is a worthy approach for Europe. So it's where it shows its rough side. It's easy to see the rough side of US administration, but it's good that some point at our rough sides because they are there too. But we, of course, as an enlightened continent, we don't like to show those sides.

So I'm a little bit fed up with European self-content, and I hope this conference by remaining open ... We had the UN Special Rapporteur Monday. We have the Council of Europe as a trusted partner to our conference. That is good because that is already 50 nation states, and the EU only 27. And, yeah.

Ramsha Jahangir:

Thank you so much, Paul. Really appreciate your time.

Justin Hendrix:

Well, it was a great few days in Brussels, Ramsha. I look forward to seeing you in person again soon. Thanks for talking to me today.

Ramsha Jahangir:

Thanks so much, Justin.