PLSC-Europe 2019 (Amsterdam)

The 4th European Privacy Law Scholars Conference (PLSC Europe), organized by the Institute for Information Law (IViR), will be held Thursday and Friday, 24-25 October 2019, at the University of Amsterdam, the Netherlands.

Following the format of PLSC in the United States, PLSC Europe is a conference for discussing work in progress. There is no opportunity or obligation to publish connected to the conference. Our goal is simply to improve and provide support for in-progress scholarship. To do so, PLSC Europe assembles privacy law scholars as well as policy makers, practitioners and civil society experts from Europe and around the world to workshop and discuss papers. The conference is open to other than legal disciplines and values multi-disciplinary approaches.

The conference follows a format where a discussant, rather than the author, is assigned to kick off a discussion of the paper with the audience. We often pair junior scholars with senior colleagues in order to create mentorship opportunities. In the PLSC format, there are no panels or presentations by the authors. Instead, everyone is a “participant”, offering their best questions and insights to stimulate discussion on the draft scholarship.

The first PLSC-Europe was held in October 2015 in conjunction with the Amsterdam Privacy Conference, and the second one in May 2017, in conjunction with TILTing Perspectives 2017. From 2017 onwards, PLSC-Europe became a yearly event, alternating between the University of Amsterdam, Tilburg University, and Vrije Universiteit Brussel.



We welcome submissions and registration from all relevant backgrounds. Please note that conference participants will be expected to read the papers of the sessions they attend in advance to ensure high-quality discussions. Thus, please plan for sufficient preparation time in advance of the conference. The papers will be made available to conference participants on October 10th, 2019 at the latest. The conference fees are €150 and for PhD-students and NGO’s €75.


  • Regular: €150
  • Reduced (students & NGO): €75

Please register here online for the event.


  • Abstracts due: 23 May 2019 (extended deadline: 31 May 2019!)
  • Announcement of acceptance: 20 June 2019 (extended to 5 July 2019!)
  • Papers due: 26 September 2019
  • PLSC-Europe 2019 AMSTERDAM: 24 October (from 13:30) and 25 October 2019


Kristina Irion (
Joris van Hoboken (
Jef Ausloos (
Saba Sluiter (


Thursday, October 24th
12.15-13.00Registration – on the third floor of building A (Roeterseilandcampus, UvA)
13:00-14.15Plixavra Vogiatzoglou (KU Leuven). Limiting the limitations: the purpose specification principle in article 8 ECFR, comment by Anna Buchta ( European Data Protection Supervisor)
Alexandra Giannopoulou (University of Amsterdam). Data protection by design on the blockchain, comment by Tara Whalen (Stanford University, Google)
Svetlana Yakovleva (University of Amsterdam), Wessel Geursen (Vrije Universiteit Amsterdam) and Axel Arnbak (University of Amsterdam). Towards a coordinated enforcement of data-related rules by data protection, competition and consumer authorities, comment by Inge Graef (Tilburg University)
Gloria González Fuster (Vrije Universiteit Brussel) and Olga Gkotsopoulou (Vrije Universiteit Brussel). Sex, life, and data protection: An exploration, comment by Francien Dechesne (Leiden University)
Raphaële Xenidis (European University Institute and Utrecht University). Equality in the age of artificial intelligence: Is EU anti-discrimination law up to the challenge?, comment by Tomasz Dudek (European Law Institute)
Robert Riemann (European Data Protection Supervisor). Peer-to-Peer Protocols and Data Protection in the European Union, comment by Michele Finck (Max Planck Institute)
14:45-16:00 Seda Gürses (Delft University of Technology and KU Leuven). Privacy By Design: A matter of labor, comment by Ans Kolk (University of Amsterdam)
Eleni Kosta (Tilburg University). A two-tier European data protection framework: a critical reflection on the choices of the European legislator post- Lisbon, comment by Herke Kranenborg (European Commission)
Marijn Sax (University of Amsterdam) and Jef Ausloos (University of Amsterdam). From Game to Content Delivery Platform: An Investigation of Fortnite’s Manipulative Practices, comment by Rocco Bellanova (University of Amsterdam)
Meg Jones (Georgetown University) and Margot Kaminski (University of Colorado). An American’s Guide to the GDPR, comment by Ronald Leenes (Tilburg University)
Tom Dobber (University of Amsterdam), Ronan Fahy (University of Amsterdam) and Frederik Zuiderveen Borgesius (University of Amsterdam). The Regulation of Online Political Microtargeting in Europe, comment by Jenneke Evers (University of Leiden)
Katja de Vries (Lund University). A two-directional relation between Artificial Intelligence and Constitutional Rights?, comment by Jeroen van den Hoven (Delft University of Technology)
16:30-17:45 Gianclaudio Malgieri (Vrije Universiteit Brussel). A linguistic comparison of the concept of Fairness in the GDPR: towards a vulnerability-aware interpretation of (un)fairness as imbalance, comment by Eldar Haber (Haifa University)
Oshrat Ayalon (Tel Aviv University) and Eran Toch (Tel Aviv University and Cornell Tech). Making Privacy-by-Design User-Centered: Challenges and Methods for Involving Users in Privacy Engineering Processes, comment by Kim Wuyts (KU Leuven)
Salome Viljoen (Harvard University) and Ben Green (Harvard University). Algorithmic Realism: Embedding the Social in Technological Thought, comment by Irene van Oorschot (Erasmus University College)
Smarika Lulz (Humboldt University of Berlin). Who Are We Unwilling to Hear? Problematising Data, Algorithmic, and AI Governance for Social Justice, comment by Gloria González Fuster (Vrije Universiteit Brussel)
Ari Waldman (New York University). Privacy Discourse, comment by Hadi Asghari (Delft University of Technology)
Paddy Leerssen (University of Amsterdam). The soap box is a black box: regulating social media recommender systems through data protection and media law, comment by Margot Kaminsiki (University of Colorado)
Friday, October 25th
9:30-10:45Laura Drechsler (Vrije Universiteit Brussel). Adequacy decisions under the Law Enforcement Directive: “the same but different” compared to GDPR adequacy, comment by Svetlana Yakovleva (De Brauw Blackstone Westbroek, University of Amsterdam)
Reuben Binns (University of Oxford) and Michael Veale (University College London). Is That Your Final Decision? Multi-Stage Profiling and Selective Significance under EU Data Protection Law, comment by Sjoera Nas (Privacy Company)
Josephine Williams (University of Amsterdam) and Kristina Irion (University of Amsterdam). Now you see me, now you don’t: International trade and geo-governance of facial recognition technology, comment by Graham Greenleaf (University of New South Wales)
Karolina Galezowska (University of Warsaw). Right to explain: the Polish approach, comment by Sarah Eskens (University of Amsterdam)
Dan Burk (University of California, Irvine). Algorithmic Legal Metrics, comment by Laurence Diver (Vrije Universiteit Brussel)
Wenlong Li (University of Edinburgh) and Karen Gregory (University of Edinburgh). Restoring Gig Workers to Power: Personal Data Portability, Supply of Digital Content and Free Flow of Data in the European Data Economy, comment by Niels van Doorn (University of Amsterdam)
11:15-12:30Nicolo Zingales (University of Leeds). Joint controllership & joint responsibilities: a concept in need of principles, comment by Brendan van Alsenoy (Belgian Data Protection Authority)
Neil Richards (Washington University) and Woodrow Hartzog (Northeastern University). Privacy’s Constitutional Moment, comment by Nico van Eijk (University of Amsterdam)
Gabriela Zanfir-Fortuna (Future of Privacy Forum) and Stacey Gray (Future of Privacy Forum). A Taxonomy of Fairness in Transatlantic Privacy and Data Protection Law, comment by Natali Helberger (University of Amsterdam)
Orla Lynskey (London School of Economics). A Rule of Reason in EU Data Protection Law, comment by Maja Brkan (Maastricht University)
Ignacio Cofone (McGill University) and Katherine Strandburg (New York University). Strategic Games and Algorithmic Transparency, comment by Alessio Pacces (University of Amsterdam)
Raphael Gellert (Tilburg University). Organising the regulation of algorithms: comparative legal lessons, comment by Alessandro Mantelero (Polytechnic University of Turin)
13:30-14:45Tom Norton (Fordham University), Joel Reidenberg (Fordham University), Norman Sadeh (Carnegie Mellon University) and Abhilasha Ravichander (Carnegie Mellon University) . Evaluating How Global Privacy Principles Answer Consumers’ Questions About Mobile App Privacy , comment by Ot van Daalen (University of Amsterdam, Lawyer at Root Legal)
Sandra Wachter (University of Oxford). Affinity Profiling and Discrimination by Association in Online Behavioural Advertising, comment by Frederik Zuiderveen Borgesius (Radboud University Nijmegen)
Gavin Phillipson (University of Bristol). The unguided balance between free speech and privacy under the new GDPR ‘right to be forgotten’: some conceptual problems and tentative solutions, comment by Stefan Kulk (Utrecht University)
Blagovesta Betty Pirelli (Ecole Polytechnique Fédérale de Lausanne), Seda Gurses (Delft University of Technology and KU Leuven) and Carmela Troncoso (Ecole Polytechnique Fédérale de Lausanne). Privacy technologies meet Software Engineering: on the challenges of privacy engineering in an Agile world, comment by Woodrow Hartzog (Northeastern University)
Eric Lachaud (Tilburg University). Adhering to GDPR codes of conduct: a possible option for SMEs to GDPR certification, comment by Chris Hoofnagle (University of California, Berkeley)
Sebastian Benthall (New York University) and Jake Goldenfein (Cornell Tech). What is Socio-Political Emancipation in the Control Paradigm?, comment by Daniel de Zeeuw and Jan Overwijk (University of Amsterdam)
15:15-16:30Mara Paun (Tilburg University). Diagnosis: Regulatory disconnection – Time to reorganize data protection law?, comment by Lee Bygrave (University of Oslo)
Maja Brkan (Maastricht University). European Democracy and Free Elections in the age of Artificial Intelligence, comment by Christian D’Cunha (European Data Protection Supervisor)
Carl Vander Maelen (Ghent University). Codes of (Mis)conduct? An Appraisal of Articles 40-41 GDPR, comment by Catherine Jasserand Breeman (University of Groningen)
Katrina Ligett (Hebrew University of Jerusalem) and Kobbi Nissim (Georgetown University). Ground Rules and Goals for Data Co-ops, comment by Nicolo Zingales (University of Leeds)
René Mahieu (Vrij Universiteit Brussel), Hadi Asghari (Delft University of Technology) and Joris van Hoboken (University of Amsterdam). Investigating an ecology of transparency: Experiences of the right of access in practic, comment by Mireille van Eechoud (University of Amsterdam)
Cristiana Santos (University Toulouse 1-Capitol), Célestin Matte (Institut National de Recherche en Informatique et en Automatique) and Nataliia Bielova (Institut National de Recherche en Informatique et en Automatique). How to comply with European law on cookies? A legal-technical approach, comment by Paul-Olivier Dehaye (PersonalData.IO)
Jon Penney (Harvard University and University of Toronto) and Danielle Citron (Boston University). When Law Frees Us To Speak, comment by Balasz Bodo (University of Amsterdam)


  • Gloria Gonzalez Fuster – Law, Science, Technology & Society Studies (Vrije Universiteit Brussel)
  • Nadya Purtova – Tilburg Institute for Law, Technology, and Society (TILT)
  • Michael Veale – University College London (UCL)
  • Brendan van Alsenoy – KU Leuven Centre for IT & IP law
  • Anna Buchta – European Data Protection Supervisor (EDPS)
  • Sophie Kwasny – Council of Europe
  • Jörg Pohle – Alexander von Humboldt Institute for Internet and Society (HIIG)
  • Maja Brkan – Maastricht University
  • Orla Lynskey – London School of Economics and Political Science (LSE)
  • Sandra Wachter – Oxford Internet Institute
  • Franziska Boehm – FIZ Karlsruhe (KIT)
  • Alessandro Mantelero – Politecnico di Torino
  • Rikke Frank Joergensen – Danish Human Rights Institute
  • Frederik Zuiderveen Borgesius – University of Amsterdam & Radboud University
  • Margot Kaminski – University of Colorado
  • Gabriela Zanfir-Fortuna – Future of Privacy Forum
  • Athena Bourka – European Union Agency for Network and Information Security (ENISA)
  • Eva Lievens – Ghent University
  • Mònica Vilasau Solana – Universitat Oberta de Catalunya (UOC)
  • Dorota Glowacka – University of Lodz & Panoptykon
  • Seda Gürses – Katholieke Universiteit Leuven / TU Delft
  • Lee Bygrave – University of Oslo
  • Matthew Tokson – University of Utah
  • Meg Leta Jones – Georgetown University
  • Graham Greenleaf – University of New South Wales
  • Nico van Eijk – Institute for Information Law


Microsoft will be sponsoring PLSC Europe.

We anticipate attracting some corporate sponsorship in order to help cover some of the basic costs for organizing the conference and being able to keep the registration fee low. It is our policy only to accept sponsors that agree to exert no influence or input on the substance of the program. Corporate sponsors will receive an invitation for some of their employees to attend the conference, and they will be named in the program and publicity materials as supporters, but they will receive no other benefits, i.e. no slots on the program, no membership of the program committee and no influence over the program otherwise. While PLSC Europe is primarily an academic event, it also values bringing academics together with practitioners and a variety of experts from other backgrounds, including policy makers, industry and civil society.


If you would like to workshop a paper, please submit a title, an abstract that grounds your work in a literature (see below), and high-level outline by 31 May 2019 via our conference submission system:

In writing your abstract, please connect to the relevant state of the art. We welcome novel approaches, but please do make explicit in which ways your approach departs from existing scholarship. Abstracts should be between 300-600 words and contain sufficient detail to review the approach and potential contribution of the work.

We require all submissions to be transparent about relevant sponsorship and conflicts of interest.

The program committee for the conference will review abstracts and acceptances will be made on 20 June 2019. Workshop versions of the paper are due 26 September 2019. We reserve the right to cancel workshops if the paper draft is not provided sufficiently in advance for meaningful evaluation by participants.

You can send an email to if you encounter any problems.