CSR Research Group

profile photo of Paolo Baldoni

Paolo Balboni 

Paolo Balboni (PhD) is a Professor of Privacy, Cybersecurity, and IT Contract Law at the European Centre on Privacy and Cybersecurity (ECPC) within the Maastricht University Faculty of Law. His main research focuses are cybersecurity, data management/sharing and data protection as a corporate social responsibility, which together can be used to help organisations responsibly further their economic targets and at the same time positively contribute to the development of a fair data-centric society.

Qualified lawyer specialized in ICT, Privacy & Cybersecurity admitted to the Milan Bar and registered to the Amsterdam Bar. He is a Founding Partner of ICT Legal Consulting (ICTLC), an international law firm, and ICT Cyber Consulting, a company specialized in information/data security. Prof. Dr. Balboni is a Recommended Lawyer ranked by The Legal 500 EMEA 2023 in the areas of Data Privacy and Data Protection and Industry Focus: TMT. He is the Chairman of the European Patent Office (EPO) Data Protection Board, Member of the EUMETSAT Data Protection Supervisory Authority, Member of the Europrivacy Board of Experts, Member of the European Commission’s Expert Group on B2B data sharing and cloud computing contracts, and of the Cloud Security Alliance’s AI Safety Expert Group. Prof. Dr. Balboni furthermore advises governments on national matters concerning cybersecurity and privacy and in 2018, he drafted the national Surinamese Privacy and Data Protection Law.

He is the author of three books Data Protection as a Corporate Social Responsibility (Edward Elgar), Trustmarks in E-Commerce: The Value of Web Seals and the Liability of their Providers (T.M.C Asser Press), and the Annotated Nigeria Data Protection Act 2023 (Noetico Repertum Inc., Lagos),  and of numerous publications on data protection by design, cloud computing, big data and smart analytics, internet of things, Law Enforcement Agencies’ access to data; intellectual property, contractual and data protection aspects of blockchain technology, and the relationship between privacy/data protection and the use of information in order to fight online-terrorist propaganda, recruitment, and radicalization.
Contact    Full Profile


Cosimo Monda

Cosimo Monda is Director of the Maastricht European Centre on Privacy and Cybersecurity within the Maastricht University Faculty of Law. He has longstanding experience in EU affairs. Particularly in business development, design executive education, certification courses and online learning modules for professionals and management of service contracts. He is an internationally recognized public speaker and lecturer on a variety of issues related to Privacy, Data Protection and Cybersecurity. His field of expertise includes Data Protection and Cybersecurity, EU Information Management, Transparency and Access to documents, EU Agencies, EU decision-making Procedures and Institutions, and EU Law.

Kate Francis

Kate Francis

Kate Francis is a PhD Candidate at the Maastricht University Faculty of Law and the Head of Research, Data Ethics and Digital Sustainability at ICT Legal Consulting  (ICTLC), an international law firm. 

Kate’s research topics include transparency in the EU legal framework, Data Protection as a Corporate Social Responsibility, and GDPR enforcement. She has experience working on Horizon 2020 projects including the nIoVe project on cybersecurity in Connected and Automated Vehicles and the AnonymAI project which developed a prototype for automated anonymization that protects the personal data of users when contained in large collections of unstructured natural language content, as well as the Horizon Europe KT4D project which aims to ensure that AI and Big Data “empower communities and enable social integration, individual agency and trust in both institutions and technological instruments”.

Kate is a certified Data Protection Officer (ECPC-B DPO, European Centre of Privacy and Cybersecurity, Maastricht University), certified Cloud Security Alliance GDPR Compliance Code of Conduct Consultant, and a certified Europrivacy - GDPR compliance, audit and certification Auditor.

Christopher Mondschein

Christopher Mondschein

Christopher Mondschein is a Researcher at the European Centre on Privacy and Cybersecurity within the Maastricht University Faculty of Law. He engages in professional education on Data Protection and conducts research in several projects. Moreover, he is the editor of the Maastricht Journal of European and Comparative Law.