Ivana Butorac to speak at Global Privacy Day

Livestreaming on 25 January 2024 as part of Data Privacy Day, Global Privacy Day brings together thought leaders and senior industry professionals to discuss the present landscape of data protection and privacy, and the current and future challenges that professionals face.

Ivana Butorac is an experienced legal professional for Data Protection & Privacy focused on providing consulting services for Government & EU institutions and agencies. She is a Data Protection Expert and Team Lead in Sopra Steria, holds an LLM in IP&ICT Law from KU Leuven and is a passionate Law and Tech blogger.

Ivana appears exclusively at Global Privacy Day to discuss the ways in which AI is set to influence the corporate community.

Below, Ivana talks more about her professional journey and introduces the issues on the table at her session.

Could you outline your career so far?

I started my career eight years ago, in the policy environment of the European Parliament which was not focused on digital matters. My start in IT began with Cisco System where I supported Government Affairs team working on regulatory matters.

Back then GDPR was just taking shape, however, this is where I noticed it would be a game changer. In parallel with work, I enrolled in LLM of IP&ICT Law at KU Leuven. This is where my data protection journey started – and continued later on in consulting work.

Soon after, I joined Sopra Steria Cybersecurity and GRC department that exposed me to a variety of data protection-oriented projects in Government & EU Affairs. Today I am the Data Protection Manager in the Cybersecurity Unit of Sopra Steria. The role sees me responsible for coordinating the DP team and ensuring delivering DP services to clients.

What are the primary challenges facing organisations as they bid to embrace AI while adhering to the principles of Privacy by Design & Default?

Compliance is often seen as something to be done quickly and “dirty” – on paper only – rather than actually building compliant and privacy-friendly solutions. The main challenges often lay in poor data governance; primarily companies do not know what data they have, what do they do with it and how to use such data in a compliant way.

AI is a very sophisticated technology with a strong impact on society. Basically, it can be integrated into anything. But the key fact that is often easily forgotten, but which is actually crucial, is that AI starts with data. This is where Privacy by Design arrives as a game changer, helping us to identify all gaps and find adequate solutions when implementing technologies such as AI.

Is it possible for companies today to innovate with AI technology while remaining compliant and without compromising on data privacy?

Laws are sexy – if you understand how to translate requirements into concrete solutions. Legislation such as GDPR and the EU’s AI Act are here to be a business driver, rather than a blocker.

It is absolutely possible to leverage the use of AI to promote innovation while remaining compliant and have privacy-friendly solutions. Data protection will ensure that your AI solutions achieve all your technical and business goals while ensuring product reliability, trustworthiness and customer trust.

Providing clear direction for navigating your current position involves leveraging practical tools like impact assessments, cultivating a comprehensive understanding of your data, and ensuring the quality of data to mitigate adverse outcomes. Additionally, establishing global governance and implementing robust risk management strategies are pivotal components. These key aspects collectively empower companies to seamlessly attain their technology, business, and privacy objectives.

Technology is here to help society develop, but legislation is here to keep such development human-centric.