Privacy Research Day 2025: watch the replay

17 July 2025

The 4^th edition of the CNIL's Privacy Research Day was held on July 1^st 2025, at the CNIL in Paris and online. This event bridges the gap between the academic world and data regulation, and is aimed at practitioners, academics, and public authorities.

Privacy Research Day: a major academic conference on data protection

The Privacy Research Day is an opportunity to build bridges between researchers from all disciplines and regulators. During the conference, experts from different fields will present their work and discuss its implications for regulation - and vice versa.

This interdisciplinary day is aimed at a wide audience familiar with privacy and data protection. Our objective is to create an exchange between legal experts, IT specialists, designers and social science researchers.

This event will also enable participants to discover innovative research: new challenges, new vulnerabilities and new solutions will be presented.

At last, the Privacy Research Day is an opportunity to create lasting partnerships between academia, the CNIL and other public bodies.

Watch the replay

Program

9:10 AM

Introduction by Mehdi ARFAOUI, Sociologist at the CNIL's Digital Innovation Laboratory

9:15 AM

Opening by Fabien TARISSAN, Member of the CNIL college, researcher at CNRS, professor at ENS Paris-Saclay

9:25 AM

Panel 1: User Risk Perceptions and Strategies

User perceptions play a significant role in their behavior and the strategies they employ to respond to situations. What measures do users take to protect their privacy? How can we equip diverse audiences and meet their expectations? What risks do people overestimate or underestimate? How does the perception of these risks influence their behavior and strategies?

Moderation: Spyridon MAKRIS, legal expert in the CNIL's European and International Affairs Department

Christoph LUTZ, professor at the BI Norwegian Business School - Visual Privacy: The Impact of Privacy Labels on Privacy Behaviors Online - Design
Hiba LAABADLI, PhD student at the Duke University (USA) - Exploring Security and Privacy Discourse on Twitter During the ‘Justice Pour Nahel’ Movement in France - Social sciences
Miranda WEI, PhD candidate at the Research at University of Washington (USA) - We’re utterly ill-prepared to deal with something like this": Teachers’ Perspectives on Student Generation of Synthetic Nonconsensual Explicit Imagery - Computer science

10:35 AM

Panel 2: Protecting Data in the Age of Social Media

Social media has become a preferred means of communication, an extension of our intimate sphere, while simultaneously raising increasing distrust regarding the security of our personal information. What are users' expectations on social media? How do they perceive the protection of their data and privacy? How can researchers, particularly in the context of the Digital Services Act (DSA), use this data? What protection mechanisms should be implemented?"

Moderation: Benjamin POILVÉ, engineer in the CNIL's technological expertise department

Alexis Shore INGBER, Postdoctoral Research Fellow at the University of Michigan School of Information (USA) - Understanding screenshot collection and sharing on messaging platforms: a privacy perspective - Social sciences
Kyle BEADLE, PhD candidate in Computer Science at University College London (United-Kingdom) - A Privacy Framework for Security Research Using Social Media Data – Computer science
Aleksandra KOROLOVA, Assistant Professor at the Princeton University (USA) - Having your Privacy Cake and Eating it Too: Platform-supported Auditing of Social Media Algorithms for Public Interest – Computer science

11:40 AM - 11:55 AM

Break

11:55 AM

Panel 3: Limits and Levers of Transnational Compliance

Despite the extraterritorial reach of regulations like the GDPR, ensuring consistent global data protection remains arduous. Varying definitions of essential terms (personal data, anonymization, PETs) constitute a major impediment. What assessment can be made of international compliance efforts? What legal levers could individuals use to exercise their rights? What are the divergences in definitions between the different concepts related to data protection technologies? How do these divergences hinder the implementation of the law?

Moderation: Francis MORDELET, legal expert in the CNIL's European and International Affairs Department

Helena KASTLOVA, researcher at the Princeton University (USA) - Report on extraterritorial enforcement of GDPR - Law
Michal CZERNIAWSKI, researcher at the Vrije Universiteit Brussel (Belgium) - From the General Data Protection Regulation to the Artificial Intelligence Act: Improving Extraterritorial Enforcement Through Criminal Law - Law
Ludovica ROBUSTELLI, postdoctoral Research at the University of Nantes (France) - Guidance in anonymization: When Ambiguity Meets Privacy-Washing – Law and computer science

1:00 PM – 2:00 PM

Lunch break

2:00 PM

Presentation of the 9^th CNIL-Inria Award and presentation of the winner

2:35 PM

Panel 4: Data Protection Challenges in the AI era

Artificial intelligence systems are proliferating, offering immense potential but also risks of misuse or problematic applications. Therefore, documenting, analyzing, and auditing these systems are paramount. What specific problems are generated by the development of AI systems? What tools can be used to audit these systems and their use? How can countermeasures be developed to limit the risks these systems pose?

Moderation: Nicolas BERKOUK, scientific expert for the CNIL's artificial intelligence department

Clément LE LUDEC, postdoctoral Researcher at the Paris Panthéon-Assas University (France) - Qui rend lisibles les images ? L’intelligence artificielle au fondement d’une recomposition du travail de surveillance (Who makes images legible? Artificial intelligence at the heart of a new approach to surveillance work) – Social sciences
Xinyue SHEN, PhD candidate at the CISPA Helmholtz Center for Information Security (Germany) - HateBench: Benchmarking Hate Speech Detectors on LLM-Generated Content and Hate Campaigns – Computer science
Nina BARANOWSKA, postdoctoral Researcher at the Radboud University (Netherlands) - Equality Monitoring Protocol: using sensitive data in post-deployment monitoring of AI hiring systems (project FINDHR) - Law
Juliette ZACCOUR, PhD student at the University of Oxford (United-Kingdom) - Access Denied: Meaningful Data Access for Quantitative Algorithm Audits – Computer science

3:55 PM - 4:15 PM

Break

4:15 PM

Yana DIMOVA, PhD in cybersecurity, KU Leuven (Belgium)

4:30 PM

Panel 5: Protecting Health Data

Because they are essential for personalized care, medical research, and improving public health systems, health data are increasingly digitized, shared, and analyzed. This digitalization opens up tremendous opportunities, but also exposes this sensitive information to new risks: cyberattacks, misuse, and confidentiality breaches.

How, then, can we reconcile the immense potential of this data with the absolute imperative of protecting patient privacy and ensuring trust? How is the health data protection framework specifically evolving? How can we inform the diverse individuals whose health data is collected? What are the perceived risks in using menstruation tracking applications, especially following the questioning of certain rights (such as the right to abortion)?

Moderation: Francesca MUSIANI, research Professor at the French National Center for Scientific