Class reunion with AI

The BvD Autumn Conference discusses data security and EU data regulation.

Data protection and data security: in times of a growing number of cyberattacks, the two topics can no longer be separated. This became clear once again at the BvD Autumn Conference and the subsequent Authorities Day from October 16 to 18 in Stuttgart. Among other things, the seventh autumn conference dealt with new tracking methods, AI and employee data protection, TOMs for new threats and practical experience from a cyberattack.

It is a “class reunion” of a special kind: for the seventh time, internal and external data protection officers met with the supervisory authorities of Bavaria and Baden-Württemberg for the BvD Autumn Conference. The motto of this year’s edition in Stuttgart: “Regulatory tsunami: Staying on top of things with security”. The motto addressed two of the conference’s main topics: On the one hand, data protection officers have to translate the regulations already in place, as well as those still to come from Brussels, into data protection practice. On the other hand, the topic of data security is right at the top of the agenda.

LfDI Tobias Keber at the start of the BvD Autumn Conference

Class reunion in data protection

In his welcoming address, the State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg (LfDI), Tobias Keber, suggested that consideration should be given to an “AI data protection regulation”. “That would make a lot of things easier,” he said, welcoming around 250 internal and external data protection officers in Stuttgart. But as long as there is no such regulation, the gold standard and the sometimes abstract rules of the AI Regulation will remain in place. Keber had used AI for his words of welcome: “How can I express what it’s all about in a picture?” he had asked himself and an image-generating AI. The result: a class reunion of data protection, in which there was also extra space for questions with the closing format “The supervisory authorities answer your questions”. “We don’t know all the answers either”, said Keber, “but we think together”.

THREE ORGANISATIONS, ONE CONFERENCE

The BvD Autumn Conference and the traditionally following Authorities Day are a joint event of the BvD with the State Commissioner for Data Protection and Freedom of Information Baden-Württemberg and the two Bavarian supervisory authorities, the Bavarian State Office for Data Protection Supervision and the Bavarian State Commissioner for Data Protection, who is responsible for public institutions. The Autumn Conference and the Authorities Day alternate between a venue in Baden-Württemberg and one in Bavaria. The BvD Autumn Conference 2025 will take place in Munich from October 22 to 24, 2025.

In his welcome address, his counterpart Michael Will, President of the Bavarian State Office for Data Protection Supervision (BayLDA), spoke of a “climate change in data protection law” that data protection officers must face up to. “This requires courage, a certain tenacity,” said Will. But data protection officers are characterized by these qualities anyway.

The supervisory authorities themselves are certainly open to AI – for example, to counter the shortage of skilled workers, as Keber explained later in the Q&A session. “First of all, there are no bans on thinking,” he said. However, the authority would first have to clarify how AI could be used with a low level of risk, where an AI application could work or where it might extend processing times because its results would have to be checked by employees. Michael Will also does not rule out its use in the future. But of course the legal conditions would have to be fully met, he said. However, AI could possibly help to “clean up reporting procedures a little”.

AI and data sovereignty

Björn Beck, Head of the Baden-Württemberg Innovation Lab, showed how innovation and data protection can go hand in hand. Just the day before, Beck and his team had presented in Berlin an AI assistant for authorities and municipalities that is designed to help with a single click. Its name: F13, after the function key that does not exist on any keyboard. This is a first step, “a delicate little plant” on the way to becoming independent of the big American cyber giants, said Beck. F13 is planned as open source so that users and companies can develop their own in-house ChatGPT-style application. Beck is convinced: “AI is an accelerator for everything.” That is why it is important that Germany and Europe have their own sovereign platforms for AI applications that fully implement the GDPR.

AI and Brussels

BvD board member Jens Eckhardt emphasized that companies urgently need to get to grips with the AI Act. He stood in for the absent law professor Philipp Hacker from Yale. This is because Chapters I and II of the AI Act will already apply from February 2, 2025, with Chapter II in particular listing the AI systems that will be prohibited in the future. From that date, companies must also have the AI expertise required by the AI Act. Chapter III, Section 4 on high-risk systems and other chapters and articles will apply from August 2, 2025, while other provisions of the AI Act will apply from 2027. “Familiarize yourself with the timeline,” advised Eckhardt. This is the basis for a project plan.

The DORA Directive will also apply from January 2025, the NIS 2 Directive is due to come into force in March 2025 according to current plans, and the Cyber Resilience Act is expected to come into force by the end of 2024, which will then have to be implemented in 2027. And from September 12 next year, the Data Act will also apply in large parts. “We will be faced with something that we can solve,” said Eckhardt. “But I doubt that the management will be able to do it without our support.”

AI and “cutting red tape”

BvD Chairman Thomas Spaeing had already pointed this out during the welcome address. Under the slogan “bureaucracy reduction”, the Federal Government is planning to further soften the appointment limit for DPOs in the draft amendment to the Federal Data Protection Act: From the current 20 employees who regularly process personal data to then 50. “The tricky thing is that companies are not openly told that without a data protection officer, they have a higher risk of violating data protection laws and becoming victims of cyber attacks,” criticized Spaeing.

AI against AI

Entrepreneur Markus Schulte assumed in his presentation “Being armed against cyber threats – how to advise your customers or companies” that cyber attacks are getting worse and that hardly any company or municipal institution will be spared. In his experience, the attacks are now coming from highly automated AI systems that use phishing, ransomware or SQL injection to smuggle malware into the systems, where it sometimes takes several months to unleash its destructive power.

In order to survive an attack as unscathed as possible, Schulte advises creating a ransomware-safe backup on a hard disk – and doing so regularly, so that a non-infected version is available in the event of an attack. Schulte advises against switching off IT at the start of an attack, as this can quickly put a company in a business-critical situation. Companies should also remain online so that law enforcement authorities can investigate the source of the attack. Schulte further advised companies to actively scan their own infrastructure for security vulnerabilities; this can also be done with AI. Another measure: every new device receives a certificate in order to be allowed to communicate on the network. Employee training is also crucial to ward off phishing emails.

And if it does happen? According to Schulte, companies should have drawn up contingency plans that include the telephone numbers of those who need to be informed first, including the BKA, the BSI and insurance companies. “Create awareness among your customers,” said Schulte, who developed the Defenderbox, an automated tool that detects IT vulnerabilities. This also includes simulating emergency exercises at regular intervals.

AI against critical infrastructure

Michael Georgi, Head of IT at Technische Werke Ludwigshafen (TWL), explained what an attack feels like and what conclusions can be drawn from practical experience. An attack was launched at the utility company on April 20, 2020. A forensic analysis revealed that the initial infection had already occurred on February 13 via an email with a hyperlink. Employees subsequently received training on email security, and the use of the internet and email for private purposes was banned.

TWL had to rebuild its IT infrastructure. To do this, the Group installed a series of security measures, including a powerful firewall, network segmentation, partial two-factor authentication and privileged access management (PAM). Georgi’s conclusion after the experience: long-term cooperation with an external professional, immediately involving the security authorities, informing the data protection authorities immediately even if the situation is still unclear and providing honest information to the press and customers. You shouldn’t “try to sweep anything under the carpet – it will come out anyway”, said Georgi.

AI and advertising

Carolin Loy, head of the European Cooperation Unit at the BayLDA, and speaker Mike Kuketz from the LfDI reported on new tracking methods for targeted advertising under the title “Goodbye cookies. Hello identity provider”. They explained how identity providers, mobile advertising IDs and browser fingerprinting combine user data across devices in order to display targeted advertising. They also highlighted the data protection problems associated with these technologies. In particular, according to Loy, the techniques regularly violate purpose limitation, information obligations, the principle of transparency and the required fairness. Loy and Kuketz recommend advertising blockers, at least for identity providers, to prevent the loading of tracking-based third-party scripts. In addition, users should only ever allow necessary cookies in the cookie consent banner.

Overall, the two experts see the new technologies as problematic, but as yet little known. In supervisory practice, there are mainly complaints about cookies, but only two about the new tracking methods in the past five years, said Loy.

AI in companies

Inga Tanzmann, Senior Lead Privacy & AI Governance at Zalando, and Sebastian Greß, Group Data Protection Officer at the Mercedes-Benz Group, explained how corporations are using AI in their companies and products. In conversation with Tobias Keber, Greß reported that AI has now found its way into many areas of the automotive group, both in its products and in various areas of the company. Mercedes has developed its own version of ChatGPT for this purpose. Andreas Sachs, Vice President at BayLDA, presented ten checkpoints on how companies can set up an AI project in compliance with the GDPR and the AI Regulation. Together with his boss Michael Will, he also took a closer look at the anonymization of data, which companies and authorities hope will enable the use of data without data protection obligations. Neither of them sees it that way. Because: “There will always be re-identification risks with a lot of anonymous data,” said Sachs. His conclusion: creating anonymity in data is technically one of the most difficult processes to implement.

About the author

Jürgen Hartz

Deputy Chairman of the Executive Board
  • Event organization
  • Training, BvD Flashbulbs
  • Cooperations
  • Job profile committee
  • Legal advice hotline