GRA hosts BIIDPA data protection conference in Gibraltar

The Gibraltar Regulatory Authority hosted this year’s British, Irish and Islands Data Protection Authorities conference in Gibraltar on May 19, bringing together regulators from across eight jurisdictions to discuss data protection issues and share best practice.

The conference was held by the GRA in its capacity as Gibraltar’s Information Commissioner.

Representatives from the data protection authorities of Bermuda, Gibraltar, the Bailiwick of Guernsey, Ireland, the Isle of Man, Jersey, Malta and the United Kingdom attended the event.

The forum brings together authorities whose regulatory and legislative frameworks share significant common ground, with a focus on supervisory cooperation, regulatory consistency, data rights, responsible innovation and regulatory development.

The event opened with remarks from the GRA’s Information Commissioner and CEO, John Paul Rodriguez, followed by a “Tour de Table” session in which authorities shared updates, priorities and recent developments in their jurisdictions.

The morning programme included discussions on the challenges and opportunities linked to data protection in global financial centres, led by representatives from Gibraltar and Guernsey.

Delegates also discussed children’s privacy, including regulatory approaches to protecting children online and emerging privacy risks affecting young people in the digital environment.

In the afternoon, the conference focused on the growing role of artificial intelligence in regulation, including how data protection authorities use, or may use, AI tools in their regulatory work.

Discussions also covered AI governance, regulatory readiness and expected developments in the field.

Cybersecurity and data breach management was another key area of focus, with participants sharing experiences and approaches to cyber incidents from a regulatory perspective.

The programme also included a session on Subject Access Request enforcement, including compassionate compliance, systemic non-compliance and ensuring individuals can exercise their data protection rights.

The day concluded with summary remarks on the key themes and outcomes of the discussions, as well as areas for continued collaboration between member authorities.

The GRA’s Director of Information Rights and Operations, Bradley Tosso, said, “It was a pleasure to host this important conference in Gibraltar and to welcome our colleagues from across the British, Irish and Islands data protection community. The conference provided a valuable opportunity to share experience, discuss common challenges, and strengthen cooperation between authorities”.