Paolo Balboni (P.)
Paolo Balboni is Professor of Privacy, Cybersecurity, and IT Contract Law at the European Centre on Privacy and Cybersecurity (ECPC) within the Maastricht University Faculty of Law. He graduated in Law at the University of Bologna (Italy) in 2001 and completed his Ph.D. in Comparative Technology Law at Tilburg University (The Netherlands) in 2008.
His main research focus is Data Protection as a Corporate Social Responsibility, which can be used to help companies to responsibly further their economic targets and at the same time positively contribute to the development of a fair data-centric society. Looking, more precisely, at how businesses can consider fair practices, privacy and data protection as assets, furthering the concept of fairness by design where fairness is built into the design of data processing activities (services, applications, algorithms, and products that enable information/data processing).
He lectures in the Data Protection Officer (DPO) Professional University Certificate Course on how to create an effective Data Protection Compliance Framework, Data Protection by Design and by Default, and Data Protection Impact Assessments. In the Privacy Executive Professional Diploma Program Paolo lectures on Cloud Computing, ICT and Data Protection Contracts, and Blockchain.
Paolo is involved in several Horizon 2020 European projects including, Cyberwatching, the European observatory of research and innovation in the field of cybersecurity, and privacy and the nIoVe project which deploys multi-layered interoperable cybersecurity solutions for the Internet-of-Vehicles (IoV), acting as a legal specialist and ethics advisor in various projects.
Paolo furthermore advises the Dutch government on national matters concerning cybersecurity and privacy and in 2018 drafted the national Surinamese Privacy and Data Protection Law.
He is the author of the book Trustmarks in E-Commerce: The Value of Web Seals and the Liability of their Providers (T.M.C Asser Press), and of chapters in international books and numerous journal articles published in leading international peer-reviewed journals on Data Protection by Design, Cloud Computing, Big Data and Smart Analytics, Online Seals, Legal Aspects of BlockchainTechnology: Smart Contracts, Intellectual Property and Data Protection’, ‘Law Enforcement Agencies Access to Data’, and ‘The Relationship Between Personal Data Protection And Use Of Information In Order To Fight Online-Terrorist Propaganda, Recruitment, And Radicalization’.
Qualified lawyer admitted to the Milan Bar (Italy) as well as registered under Article 16 of the Dutch Attorney Law at the Amsterdam Bar (The Netherlands), Paolo is a Founding Partner of ICT Legal Consulting (ICTLC), a law firm with offices in Milan, Bologna, Rome, Amsterdam (International Hub), Helsinki, Madrid, Melbourne and multiple Partner Law Firms around the world. Together with his team he advises clients in the fields of Personal Data Protection, Data Security, Information and Communication Technology and Intellectual Property Law, also acting as Data Protection Officer in outsourcing.
In 2019 he was appointed as a Member of the EUMETSAT Data Protection Supervisory Authority. He co-chairs the Privacy Level Agreement (PLA) Working Group of Cloud Security Alliance and has acted as the legal counsel for the European Network and Information Security Agency (ENISA) projects on ‘Cloud Computing Risk Assessment’, ‘Security and Resilience in Governmental Clouds’, and ‘Procure Secure: A guide to monitoring of security service levels in cloud contracts’.
He speaks Italian, English and Dutch fluently and has good knowledge of French, Spanish, and German.