Cristiana Deca to speak at Global Privacy Day

Livestreaming on 25 January 2024 as part of Data Privacy Day, Global Privacy Day brings together thought leaders and senior industry professionals to discuss the present landscape of data protection and privacy, and the current and future challenges that professionals face.

Cristiana Deca is CEO and Data Protection Expert at Decalex Digital. An entrepreneur by design, Cristiana is a full stack data protection expert, and also the founder of the first Romanian privacy compliance company focused exclusively on privacy and data protection.

Cristiana appears exclusively at Global Privacy Day to discuss the role artificial intelligence (AI) is set to play for global business communities.

Below, she answers questions on the topic and sheds light on her professional journey to date.

Could you outline your career pathway so far?

I am a graduate of the Faculty of Law at the University of Bucharest, holding a master’s degree in European Law with a specialization in Design Thinking from M.I.T.

Ten years ago, I co-founded Decalex, the first entirely Romanian company specializing in data protection compliance services. Motivated by my passion for the intersection of fundamental human rights and technology evolution, I obtained an international certification from the IAPP as an expert in European data protection law (CIPP/E).

I am also the co-founder and former vice president of the Romanian Data Protection Professionals Association (ASCPD) and represent Romania in the European Confederation of Data Protection Organizations. In 2021, I was appointed to the board and Compliance and Ethics Council of EIT Health and am frequently invited as a speaker at international privacy and cybersecurity conferences.

Known for my organized approach and meticulous attention to detail, I am passionate about the fundamental right to privacy. Along with my partners, I have pioneered professional data protection services required by companies and their employees.

An entrepreneurial spirit always seeking the latest initiatives in GDPR and cybersecurity, I combine an analytical, optimistic nature with a readiness for innovation. I consistently bring new ideas to my partners and team.

Decalex, co-founded by me and my partners Cristian Deca and Ciprian Harabagiu in 2013, has become a benchmark in data protection compliance, cybersecurity, and business consultancy after a decade. This year, the company is set to launch Romania’s first digital application for employees and companies, providing comprehensive, user-friendly access to GDPR compliance resources.

What are the primary challenges facing organisations as they bid to embrace AI while adhering to the principles of privacy by design & default?

The foremost challenge for organizations aiming to integrate AI while upholding privacy by design and default principles lies in the widespread excitement surrounding AI.

Currently, the predominant issue is that many companies only consider privacy at the deployment stage of AI systems.

However, the majority of privacy concerns actually arise during the initial phases - particularly in the training and development of AI. Therefore, it’s crucial that the principles of privacy by design and by default are implemented right from the inception of the AI project, through its training, and onto its final deployment.

Is it possible for companies today to innovate with AI technology while remaining compliant and without compromising on data privacy?

Though it may seem challenging, it’s essential to remember that compliance is not optional. As we anticipate new legal frameworks specifically tailored for AI, we must not overlook the existing GDPR principles that still govern AI design, training, and deployment when it involves personal data.

Therefore, it’s important to regard Article 22 of the GDPR not just as a regulation, but as a guiding principle for ensuring privacy compliance in AI.