In 2016, he joined the Canadian privacy software and research company Nymity, where he currently serves as Director of Strategic Research and Regulator Outreach.
He is based at Nymity’s office in The Hague, the Netherlands where he works with organizations across Europe to support their privacy offices.
Paul also leads various Nymity research projects focused on demonstrating compliance to privacy and data protection laws, and data protection process certifications.
Paul is Senior Visiting Fellow at Maastricht University’s European Centre on Privacy and Cybersecurity. Before joining Nymity, Paul served as senior international officer at the Dutch Data Protection Authority.
He was an active member of various Article 29 Working Party subgroups, co-authoring opinions on the data protection reform, surveillance, the Privacy Shield and others
The Future of Data Transfers
As the UK nears its exit from the EU, organisations on both the UK and EU data flows will be impacted if adequacy isn't achieved. This session will look at the current status of the UK, and the Future of Data Flows adequacy and SCCs post-Brexit.Post Schrems-II: Completing a Transfer Risk Assessment
Following the Schrems-II decision, organisations are obliged to assess all International data transfers on a case-by-case, to ensure the essentially equivalent standard can actually be achieved. During this panel, we will discuss how organisations can complete a transfer risk assessment and which elements need to be taken into account.