20th anniversary of personal data protection in Croatia,

Welcome to the website dedicated to the conference marking the 20th anniversary of the establishment of the Croatian Personal Data Protection Agency.

We invite you to the conference titled “Risks and Compliance in the Age of AI,” that will be held on 24 May 2024, in Zagreb, Croatia. As we gather to commemorate this momentous occasion, your presence would be greatly appreciated

Since the establishment of the Croatian Personal Data Protection Agency in 2004, the world has experienced profound technological advancements, significantly altering how people communicate, work, shop, and engage with their surroundings. Social media platforms have revolutionized interpersonal interaction and information sharing; cloud computing has fundamentally altered data storage, processing, and accessibility; the digital banking revolution has provided individuals with the convenience of accessing banking services through websites and mobile apps; and the rise of e-commerce has transformed the retail sector. Advances in technology and data analytics have enabled marketers to gather and analyze vast amounts of customer data, allowing for more targeted and personalized marketing campaigns. Moreover, we are currently facing the evolving landscape shaped by AI-powered technologies and their impacts on fundamental rights and freedoms.

Over the past two decades, there has been a noticeable shift in public awareness regarding data privacy concerns. Individuals are increasingly vigilant about sharing personal data online and are demanding greater transparency and control over their data.

Throughout these changes, the Croatian Personal Data Protection Agency has remained steadfast in its commitment to safeguarding the fundamental rights of Croatian citizens. Through various educational activities, initiatives, and EU-funded projects, the Agency persistently works to raise awareness about personal data protection and privacy among all stakeholders.

The General Data Protection Regulation (GDPR), which applies fully across the EU as of 25 May 2018, is at the heart of the EU legal framework, guaranteeing the fundamental right to data protection.

In our increasingly digitalized economy, safeguarding personal data has become more critical than ever, forming an integral part of a human-centric approach to navigating the opportunities and challenges presented by the digital era and Artificial Intelligence. This imperative is not only a matter of fundamental rights, as recognized by both EU and national constitutional frameworks, but also a democratic necessity. Moreover, it serves as an economic imperative; the sustainable growth of the European data-driven economy relies heavily on consumers’ trust in the responsible handling of their data.

Although the GDPR has been widely acclaimed for its significant achievements in raising awareness about personal data protection and enhancing data processing practices worldwide, challenges persist in its implementation, particularly for SMEs. Despite nearly six years since the GDPR became applicable in the EEA, many SMEs continue to grapple with compliance due to limited human and financial resources.

In Croatia, as well as across the EU, SMEs constitute over 99% of enterprises, which makes them the backbone of the European economy. At the same time, they represent the largest group of data controllers/processors handling vast amounts of personal data. Recognizing the difficulties SMEs face in adhering to the GDPR, the European Commission provides financial support to data protection authorities to assist SMEs in their compliance efforts.

The conference is part of the outreach activities of the EU-funded project ARC II aimed at supporting Croatian and Italian SMEs in their efforts to comply with the data protection legal framework.