Entries submitted
A1- Entry by: Agency for Access to Public Information (AAIP) Argentina
Description of the initiative:
The first is a Guide for Teenagers with information on:
- the concept of personal data,
- The importance to protect it
- The definition of digital identity, digital footprint and digital citizenship
- Rights, regulatory tools for personal data protection and how to exercise them
- It also offers concrete and useful advice, while encouraging reflection on the importance of ethical and respectful behaviour on the internet and social media.
It is structured around 5 key concepts.
- What is personal data and why is it important to protect it?
- Knowing our rights.
- Rights and personal data in digital environments.
- How to protect personal data.
- What can we do when a problem arises?
The pedagogical guide for educators offers practical tools for working with children and adolescents, protecting their privacy and exercising their right to informational self-determination in digital environments. It includes materials, games, and tips for conducting group workshops in schools and other educational settings. Activities cover topics such as digital environments, consent, the right to be informed about how our personal data is processed, what is the purposes limitation, digital footprints, and more. The guides recognize that technology is present in our daily lives, especially among adolescents, and that this has a significant impact: its use brings new social practices and challenges that change the way we understand and interact with the world. That is why the value of personal data is emphasized. It is often collected without our knowledge, even more inferences are made, and there is the potential for large-scale processing. Moreover, that can be a risk, which is why data scraping and profiling are explained using practical cases and clear language. The message is that the DPA is there to help protect your privacy. The goal is to strengthen young people’s awareness so they can take advantage of all the opportunities the Internet offers in safe, meaningful, and creative ways.
Why the initiative deserves to be recognised by an award?
In our changing world, knowledge production is key to understanding where we stand in the digital age. That is why the AAIP developed the “Our Digital World” guides as training tools designed specifically for children and adolescents. We understand that the more exponential technological development becomes, the more necessary it is for the DPA to support it with an educational leap. One of the strategic objectives of this authority is to promote a culture of privacy as a public policy and capacity building. This is reflected in the guides and in the work carried out to publicize them. Guaranteeing the rights of children and adolescents in digital environments is currently a priority on the global personal data protection agenda. This can be seen in the recent 2025 G7 Data Protection and Privacy Authorities Roundtable Statement, which is aligned with the content of our “Our Digital World” Guides. Also, in the Joint Statement on a Common International Approach to Age Assurance that the AAIP signed. The AAIP’s “Our Digital World” Guides are tools that enable public awareness by promoting digital literacy for children and adolescents by providing practical materials, tips, recommendations, and activities to protect their privacy that deserve to be recognized with this GPA award.
A2- Entry by: AP (the Netherlands)
Description of the initiative:
A good understanding of the EU Charter and the GDPR among lawyers that are actually drafting the bills is of vital importance for effective data protection. However, from our experience with the application of (36(4) GDPR) we know that the level of understanding differs greatly. By addressing these lawyers directly with a tailor made program and adequate background material that focuses on legislation issues great steps can be made. By creating a safe ‘informal’ environment (Chatham house rules) as well as plenty of room for 1:1 discussion with the Chairman of the Authority himself the lecture wins a lot of approval every year.
Why the initiative deserves to be recognised by an award?
The initiative has proven itself to be an innovative and successful concept that provides tailor made education to a group of professionals that is of vital importance to data protection. The seminar is highly appreciated by the participants.
A3- Entry by: Brazilian Data Protection Authority (ANPD)
Description of the initiative:
The Danilo Doneda Award, established in 2023, pays tribute to the legacy of Danilo César Maganhoto Doneda, a distinguished jurist and professor recognized for his significant contributions to data protection and public policy studies, both in Brazil and around the world. The aim of the competition is to promote reflection and scientific discussion in the field of privacy and data protection, thus expanding the frontier of knowledge on these topics. Submissions must meet all the requirements described in the notice and on the ANPD website, including formatting rules and relevance to the ANPD’s 2025-2026 Regulatory Agenda or 2024-2025 Priority Themes Map. Eligible participants include university students enrolled in any undergraduate course at institutions recognized by the Ministry of Education, as well as recent graduates. Submissions are evaluated by a judging panel which selects the three best based on technical and scientific quality. The winners receive certificates and their work is published. The 2025 edition features several new improvements, including cash prizes: R$8,000 (approx. € 1,240) for first place, R$5,000 (approx. € 775) for second place and R$3,000 (approx. € 465) for third place. To encourage wider participation, the deadline between the candidates’ graduation and the announcement of the competition has been extended.
Why the initiative deserves to be recognised by an award?
The Danilo Doneda Award deserves recognition for several compelling reasons. First, it honors Professor Danilo César Maganhoto Doneda, a global key figure in data protection, ensuring his contributions are remembered. By fostering interdisciplinary knowledge in the data protection field, the award addresses a critical issue in the digital age, encouraging better policymaking, best practices, and safeguards for personal information.
The award targets undergraduate students and recent graduates, stimulating academic interest and nurturing young researchers in their pursuit of data protection studies. The inclusion of cash prizes incentivizes excellence and ensures impactful submissions. The focus on themes relevant to the ANPD’s Regulatory Agenda and Priority Themes ensures that the research contributes directly to policy development. Also, the end goal is to foster the emergence of a diverse new generation of scholars that are going to build Brazil’s future on data protection and privacy. Allowing co-authored papers fosters collaboration and broadens participation, enriching the pool of ideas and solutions presented. Extending the eligibility window increases accessibility, attracting a diverse range of participants. The publication and dissemination of winning papers raise public awareness about data protection issues, educating a broader audience. Finally, the award aligns with the ANPD’s mission to build a culture of data protection in Brazil, reinforcing its commitment to this crucial area. Overall, the Danilo Doneda Award effectively promotes academic excellence, policy development, and public awareness in data protection, making it a highly deserving recipient of recognition.
A4- Entry by: CNIL_ France Commission Nationale de l’Informatique et des Libertés
Description of the initiative:
Digital technology is omnipresent in young people lives (social networks, applications, video games, etc.), and mangas play an important role in the development of reading among teenagers. So it’s only natural that CNIL has chosen this attractive format to raise awareness among 11-15 year-olds of the issues and risks associated with their use.
Combining intrigue, humor and education, this first volume titled “The phantom network” follows the adventures of two Privacy Agency investigators, Inaya and Isidore. They set out to find out why the names of three high school students, victims of online misadventures and ostracized from their class. They are on a list found in a room that was deliberately set on fire…
To produce this book, the CNIL drew on the combined talents of Faouzi Boughida, video game scriptwriter, and Grelin, illustrator and comic strip author.
The book tackles concrete subjects: hacking and identity theft, cyberbullying, e-reputation and cybersecurity. All through a story with twists and turns, dynamic drawings and engaging characters.
Why the initiative deserves to be recognised by an award?
- The manga will be translated in English in the next weeks, which will greatly narrow the audience and enable a very large number of teenagers to access content.
- Derived from teenagers’ digital work, led by 2 departments within the CNIL : research lab and last mile departments, the content is directly derived from research works, linking target information levels, practices with CNIL doctrine.
The research works has enabled the subject of privacy to be widely disseminated in the world of research, politics and among educators. https://hal.science/hal-04919994 - The campaign has been produced with CNIL’s own funds, no third party has been involved.
- This package of resources is part of the CNIL’s strategy to protect minors, and more over CNIL, the GPA strategy.
- An immersive and educational format to encourage discussion about online privacy, a complete set on similar topics for teenagers, educators and parents with tailor made information and activities.
- 900 manga downloaded in a week on the CNIL website + 200 emails received to get the printed version (already sent).
A5- Entry by: CNIL_ France Commission Nationale de l’Informatique et des Libertés
Description of the initiative:
For teenagers, a document that unfolds like a road map, offers different content on each side.
On the one side, a map hand drawn allows several levels of reading : meta or detailed.
It’s possible to read following the reading path, including 8 milestones.
Each step corresponds to a number described in the legend, explaining the opportunities and risks linked to personal data.
On the other side, 5 factsheets help learning more about :
-online identity,
-tips for protecting privacy,
-knowing rights,
-understanding what osint is,
-a list of questions to ask when receiving or viewing online content.
For adults, a booklet covers the following topics:
-first smartphone,
-cyberbullying,
-online services,
-cybersecurity,
-specific advice for parents and teachers,
Resources aimed directly at teenagers are also available in a special format for dyslexics and an audio version for those who can’t read or prefer to listen.
Why the initiative deserves to be recognised by an award?
- Derived from teenagers’ digital work, led by 2 departments within the CNIL : research lab and last mile departments, the content is directly derived from research works, linking target information levels, practices with CNIL doctrine.
The research works has enabled the subject of privacy to be widely disseminated in the world of research, politics and among educators. https://hal.science/hal-04919994 - Resources have been produced with teenagers, everything has been tested with them.
Even the colorful design has been tested with target groups. The drawings have been specially designed to help them understand and retain information. - The campaign has been produced with CNIL’s own funds, no third party has been involved.
- This package of resources is part of the CNIL’s strategy to protect minors, and more over CNIL, the GPA strategy.
- It includes a complete set for teenagers, educators and parents on the same topics with tailor-made information and activities
A6- Entry by: Agency for Access to Public Information (AAIP) Argentina
Description of the initiative:
Although the General Data Protection Regulation (GDPR) has been in force since May 2018, achieving full compliance remains a significant challenge, particularly for small and medium-sized enterprises (SMEs). To address these challenges, the Croatian Personal Data Protection Agency, in cooperation with its partners, developed Olivia: an innovative, open-source, user-friendly, and interoperable digital tool specifically designed to support SMEs throughout their GDPR compliance journey.
Olivia offers a comprehensive package of educational and practical resources. It includes fifteen data protection courses that address all key obligations of data controllers and processors as defined by the GDPR. Each course consists of both theoretical and practical components. In the theoretical part, users can explore lessons explaining specific GDPR obligations, view educational videos, and take quizzes to assess their knowledge. The practical modules provide data controllers with templates and tools to generate internal documentation that demonstrates compliance and accountability. Additionally, the Olivia platform hosts twenty webinars covering a range of data protection topics. These webinars are permanently accessible and free of charge to all interested stakeholders.
Olivia is a virtual teacher and assistant at the same time. Olivia contains a small online academy that offers to SMEs, but also to all data controllers, a series of learning modules to improve their knowledge in the field of personal data protection, and also serves as a practical tool to help organisations create internal documents to prove their compliance and accountability. It was successfully launched in 2024 and will be regularly updated to ensure its continued relevance and effectiveness. The Croatian DPA is now working on the development of modules on the interplay between GDPR and Artificial Intelligence.
To further support users, a detailed user manual, handbook, and an instructional video have been developed and uploaded to the Olivia platform to serve as a lasting educational resource. The “Olivia” digital tool has empowered SMEs, but also data protection officers across the EU, to improve GDPR compliance through user-friendly support, educational resources, and international collaboration. It enhances SMEs’ expertise, encourages a culture of privacy, and promotes EU-wide engagement through its open-source, multilingual design. Olivia is adaptable and scalable, enabling the seamless integration of new modules and language versions to support GDPR compliance across diverse national contexts.
Why the initiative deserves to be recognised by an award?
Olivia deserves recognition because it represents a pioneering, practical, and sustainable response to a genuine need among SMEs for GDPR compliance support. Despite being in force since 2018, the GDPR remains challenging, especially for smaller businesses with limited resources. Olivia bridges this gap through an open-source, interoperable, user-friendly digital tool that combines high-quality educational resources with practical compliance support, empowering SMEs to meet their legal obligations confidently and effectively.
The initiative goes beyond traditional training by offering fifteen structured data protection courses, practical templates to generate internal compliance documents, twenty permanently accessible webinars, and educational videos, all freely available in English. This innovative approach fosters a culture of privacy, strengthens the data protection ecosystem, and supports the consistent application of GDPR principles across various national contexts.
Moreover, Olivia promotes international cooperation and future-proofs its impact by enabling seamless integration of new modules. By combining education, practical tools, and international collaboration, Olivia sets a unique and replicable standard for raising awareness and improving compliance across the EU and wider. This makes Olivia truly worthy of recognition as an outstanding and innovative data protection initiative.
A7- Entry by: Autoriteit Persoonsgegevens (Dutch Data Protection Authority)
Description of the initiative:
In cooperation with a creative agency (Mensch), the Dutch DPA created an awareness campaign focussing on creating (more) awareness of the privacy risks associated with unlawful uses of tracking cookies. The campaign was created to aid the intensified national supervision on cookie use. It featured ads in the streets, on websites, in cinemas and on the radio during a two-week period in December 2024. The ads featured four different individuals with a lot of personal data animated around their heads. Ranging from the not so personal (“likes books”) to the very personal (“eating disorder” or “compulsive disorder”). Illustrating the fact that cookies make it possible for many companies to stick certain labels on your personal online profile, whether it’s (partly) correct or not.
The campaign targeted businesses and the general public, similar in appearance but with a different message for each target group. Businesses were being addressed in a very direct manner, these ads said: “Cookies know everything about your customers. Do you think that’s normal? Change your cookie policy and prevent getting a fine. Learn how on our website.” The ads for the general public focussed on what people can do to minimize the risks to their privacy posed by cookies. It said: “How are you being profiled? Protect your privacy. Adjust your cookie settings. Learn how on our website.” The campaign page on our website featured useful information for the general public and businesses alike.
Why the initiative deserves to be recognised by an award?
We live in an age where most of the people have a significant amount of ‘cookie weariness’. Most people find (tracking) cookies annoying and would rather not have them, but they have accepted them as a ‘necessary evil’. To break through this weariness we have tried to let people look at cookies from a different angle. Partly by illustrating that tracking cookies make it possible to label people at a much more detailed level than most people realize. And also by not solely focusing on the general public, but placing the responsibility where it belongs: with the companies who have websites with large amounts of tracking cookies. By taking this approach we hope to have inspired more people to stop unthinkingly and automatically accept all cookies on websites that have willingly made it more difficult (or impossible) to not accept tracking cookies.
A8- Entry by: Garante per la Protezione dei Dati Personali (GPDP)
Description of the initiative:
The GPDP launched the “Privacy Tour 2024–2025” to promote personal data protection and responsible use of digital technologies, particularly in areas of southern Italy where digital literacy is less widespread. The initiative engages citizens, students, institutions, civil society, and businesses through public events, workshops, and institutional dialogues, aiming to build greater awareness of privacy rights and risks related to emerging technologies such as artificial intelligence.
The tour began in Messina in April 2024 with a launch event involving local institutions and youth organizations. It continued in 
Lecce, where participants explored issues related to the digital divide and data protection through interactive sessions. The Privacy Tour then expanded to other cities across the country (https://www.garanteprivacy.it/privacytour). In March 2025, the tour arrived in Salerno for an event on gender discrimination and data protection in schools, organized with Luiss LawLab and Google. In May 2025, the GPDP was in Palermo for a workshop at the historic Complesso dello Steri, involving students and experts from academia, law enforcement, and the tech sector. Later that month, the tour reached Catanzaro with a two-day forum on digital equity and the risks of algorithmic bias in AI-based hiring, supported by FS Group and regional institutions.
By encouraging collaboration between public and private actors, the initiative fosters local ownership of privacy education, adapting messages to the specific needs of each territory. Through its widespread presence, the Privacy Tour contributes to reducing the knowledge gap and reinforces the idea that data protection is a fundamental right for all, not a privilege for the few.
This initiative represents a replicable model for building digital citizenship from the ground up, combining national strategy with local action. It also reflects the GPDP’s broader mission to ensure inclusion, raise awareness on digital ethics, and promote a culture of transparency and accountability in the use of technology. The Privacy Tour continues to grow as a platform for participation and dialogue, helping citizens better understand their rights and make informed decisions in an increasingly complex digital world.
Why the initiative deserves to be recognised by an award?
The “Privacy Tour 2024–2025” deserves recognition for its innovative and inclusive approach to public engagement on data protection. Unlike traditional awareness campaigns, the initiative brings the Authority directly into underserved communities, prioritizing areas with low digital literacy and limited access to education on privacy rights. By combining national level guidance with local partnerships, the tour creates tailored, high impact educational events that resonate with diverse audiences from students and small businesses to local institutions and vulnerable groups.
The initiative addresses complex challenges such as digital inequality, gender bias in AI, and ethical data use, while fostering active dialogue and trust. Its emphasis on presence, participation, and practical tools helps citizens make informed decisions and assert their rights in digital contexts. Moreover, the Privacy Tour exemplifies a replicable and sustainable model for engaging communities, building institutional trust, and promoting a rights based digital culture.
The strong coordination between public and private actors, the wide geographical coverage, and the focus on inclusion and emerging technologies make this initiative a benchmark for effective public outreach in the field of data protection.
A9- Entry by: Garante per la Protezione dei Dati Personali (GPDP)
Description of the initiative:
In 2025, the GPDP launched a nationwide institutional communication campaign aimed at raising awareness about the risks associated with “sharenting”—the frequent and often excessive sharing of photos and videos of children by parents on social media platforms.
The initiative is driven by growing concerns over the long-term implications of disclosing children’s personal information online, often without their consent or understanding (obviously impossible or anyway insufficient when the image of an infant or a baby or a minor is diffused). Once shared, this content can remain accessible for years, potentially exposing minors to privacy violations, such as identity theft, digital profiling, or even misuse by malicious actors animated by pedopornograhic intent.
With the effective claim, “Their privacy is worth much more than a like”, the campaign calls on parents and guardians to reflect on the consequences of turning their children’s images into public digital content. It promotes a more thoughtful and respectful approach to managing children’s digital presence and encourages adults to protect the rights and dignity of minors in online spaces.
The campaign includes a video spot currently being broadcast on national televisions and radio networks.
The campaign portraits a classroom full of adults students who are harshly warned by the teacher about the negative and permanent effects of “sharenting”. They are asked by the teacher to place their mobile phones on their school desks and to write 100 time on their notebooks that in this way the parents impose a public image decided by their parents and that their pictures risk, amongst others, to end on pedopornographic websites.
To reach a broader and more digitally engaged audience, the campaign is also being disseminated through the GPDP’s official social media channels. This multi-platform strategy ensures the message resonates across various demographics and media consumption habits.
By launching this initiative, the GPDP reaffirms its role in safeguarding the rights of minors in the digital age and emphasizes the importance of responsible online behaviour. The campaign serves as both an informative and preventative tool, reminding the public that protecting a child’s privacy today is an investment in their freedom and safety tomorrow.
Why the initiative deserves to be recognised by an award?
This initiative by the GPDP deserves recognition for its timely, impactful, and socially responsible message. In an era where oversharing on social media has become normalized, especially by parents documenting their children’s lives online, the campaign boldly addresses a sensitive but critical issue: the right of minors to their digital privacy.
The campaign effectively combines emotional appeal with educational value. It not only raises awareness but also sparks public debate on the ethical implications of “sharenting”, a practice still largely unregulated and underestimated.
What sets this initiative apart is its forward-thinking approach—protecting the rights of those too young to advocate for themselves—and its use of multiple media platforms to maximize outreach. By broadcasting on national TV and radio, and amplifying the message via social media, the campaign ensures cross-generational engagement.
It aligns perfectly with broader goals of digital literacy, child protection, and responsible data use, setting a benchmark for public institutions worldwide. Recognizing this initiative would highlight the importance of privacy in the digital age and inspire similar actions globally to protect children’s rights in increasingly connected societies.
A10- Entry by: Hellenic Data Protection Authority
Description of the initiative:
Τhe Hellenic Data Protection Authority developed a comprehensive privacy education initiative specifically tailored for children, focusing on the safe and informed use of online services, as part of the project ‘byDefault’, funded by the European Union’s CERV program.
In its initial phase, the project developed educational resources that featured clear learning objectives and age-appropriate messaging. These materials were then evaluated and refined to ensure pedagogical effectiveness, incorporating a variety of learning methods to engage diverse student needs and learning styles.
An educational tool was developed to train primary and secondary school students, with the goal of strengthening their understanding of privacy and data protection. This tool is a hybrid physical-digital augmented reality (AR) game called Tzimanious (meaning “smart cookie”). Through gameplay, students learn to navigate the Internet wisely and cleverly, gradually developing a form of digital expertise.
The AR game combines both physical and digital (“phygital”) features: it consists of physical components, such as a board, pawns and cards, as well as digital elements (an app must be installed on the mobile or tablet to be used during the game process) and aims to make students aware of how to protect their personal data. It is played by 2 to 6 players or groups. The goal of each player/group is to move their pawn through the eight stations of the game, answering questions about personal data and collecting as many diamonds as possible.
Ultimately, the AR game and the accompanying educational material are expected to be incorporated into the school curriculum at both primary and secondary levels. This development stems from a proposal submitted by the Hellenic Data Protection Authority to the Minister of Education, who proved to be an enthusiastic supporter of the initiative.
Furthermore, as part of the project, a training and support program for teacher development has been created in order to establish a culture of responsibility and respect for personal data within the educational community. This is achieved by enhancing teachers’ knowledge and skills, thereby increasing their ability to promote these issues among their students.
Why the initiative deserves to be recognised by an award?
The interactive AR game combines a traditional board game format with modern technology to keep children engaged and encourage organic peer-to-peer sharing, thereby enhancing learning outcomes.
It addresses key topics such as Internet and social media use, the concept of personal data, and risks related to sharing children’s data online. It also offers practical guidance on navigating social networks, recognizing suspicious behavior, understanding cookies, and identifying manipulation tactics online.
The game was pilot-tested in real classroom settings after a 4-hour webinar that trained participating teachers. Over 500 students from more than 20 classrooms across public and private schools in Greece took part in the pilot phase. Results showed a positive impact on both learning and classroom dynamics.
Combining Augmented Reality (AR) with Game-Based Learning (GBL) proved pedagogically effective: AR enables interaction with real-world learning objects like maps and books, while GBL introduces a playful element. Together, they create an immersive and engaging educational experience.
The game is ready for use in schools, and the HDPA plans to make it accessible to any other interested stakeholders.
A11- Entry by: Information and Privacy Commissioner of Ontario (IPC)
Description of the initiative:
Now entering its fifth season with over 40 episodes, Info Matters is dedicated to promoting information literacy and enhancing the public’s knowledge of their privacy and access rights. In each episode, we tackle some of the most pressing questions of our time: How can AI be used responsibly to advance health care? What are the human rights implications of facial recognition technology? What does Gen Z think about privacy? Info Matters also shares essential tips to help listeners stay safe and informed in a digital world, like how to avoid phishing and cyberattacks?
Privacy matters to each and every one of us—but in different ways, depending on who we are and our life circumstances. Info Matters features guests from a wide range of backgrounds to hear diverse experiences and shine a light on marginalized perspectives, including women and teenage girls, foster kids, health and child protection in equity seeking groups, patient advocates, victims of intimate partner violence, Indigenous communities, and people experiencing homelessness. Through this diversity, the show offers an intersectional look at privacy and information access.
Info Matters is also enhancing the public’s trust in the IPC to uphold privacy and information access rights. Hosted by the Commissioner herself, the show helps to humanize data issues and demonstrates our commitment to serving everyday Ontarians. Fostering these human connections and listening to diverse perspectives are key to our overall vision of being a modern and effective regulator with real world impact.
Below are some of Info Matters’ most popular episodes.
Season 1 Episode 7: First Nations data sovereignty
This episode explores how principles of data ownership, access, control, and possession (OCAP) help promote the ethical use of data about First Nations, by First Nations, and for First Nations.
Season 2 Episode 2: Family ties: Using investigative genetic genealogy to solve crimes
Renowned DNA forensics expert Dr. Frederick Bieber speaks about the use of genetic genealogy by police and the potential privacy risks associated with this emerging technique.
Season 4 Episode 4: Artificial intelligence in health care: Balancing innovation with privacy
Dr. Devin Singh of Toronto’s Hospital for Sick Children speaks about balancing the benefits and risks of using artificial intelligence to improve health care diagnoses and treatments.
Why the initiative deserves to be recognised by an award?
Since its launch in 2021, Info Matters has been downloaded more than 20,000 times, reaching audiences in Canada and beyond. In 2023, the show was awarded a Canadian Podcast Award for Outstanding Technology Series, a testament to its success in bringing crucial information to the public. As of 2024, Info Matters was ranked by Feedspot as the #7 data security podcast worth listening to in 2024.
In the digital age, privacy education is more important than ever, but oftentimes, key information remains inaccessible to the general public. Info Matters fills a crucial knowledge gap, inviting listeners of all backgrounds to join in the conversation. It’s also arming listeners in Ontario with valuable knowledge about their own privacy and transparency rights, giving them the tools they need to protect themselves and their personal information.
A12- Entry by: Information and Privacy Commissioner of Ontario (IPC)
Description of the initiative:
The IPC’s YAC is a group of ten youth between the ages of 15 and 22 from different communities across the province of Ontario, with diverse backgrounds, experiences and outlooks. Over their two-year term, the council came together to share their perspectives, provide input on youth-focused initiatives, and champion privacy and information access rights among their peers.
Their contributions have played an instrumental role in advancing one of the IPC’s key strategic priorities: Children and Youth in a Digital World. Through regular online meetings, a full-day in-person retreat, and professional speaking opportunities, the YAC has provided thoughtful advice on a wide range of IPC projects, including initiatives such as:
- Youth Ambassador Toolkit – a key resource designed with youth for youth, to empower them with the knowledge, skills and tools they need to educate their peers about the importance of privacy and their privacy rights.
- Digital Privacy Charter – a set of twelve privacy best practices that schools can adopt to reaffirm their commitments to protect students’ privacy from ed tech platforms and empower students through privacy education and digital literacy.
- Privacy Pursuit Lesson Plans – a set of classroom-ready lesson plans designed to help educators teach students about privacy and data protection online.
- Frequently asked questions and answers about children’s access and privacy rights in the child welfare sector.
YAC voices have been embedded throughout the IPC’s work. They have been featured on our Info Matters podcast. On our Instagram account the YAC guided the development of digital content on topics that children and youth care about, including generative AI, age verification, online safety, and digital literacy.
Furthermore, YAC members have inspired privacy regulators and professionals across Canada by sharing their perspectives firsthand, as invited speakers at high-profile events such as the 2024 Annual Meeting of the Canadian Federal Provincial Territorial Privacy Commissioners and Ombuds and at the IAPP Canada Privacy Symposium 2025.
Why the initiative deserves to be recognised by an award?
Most privacy-related content is developed by and for adults and professionals. However, young people are most in need of privacy education and deserve to have a say related to the key issues that impact their daily lives in the classroom and online.
The IPC’s YAC model has made a strong impact in Canadian and international privacy communities and has been recognized as a leading example of how to engage youth in the conversation. Being recognized with this award would further advance this model as a best practice among other privacy regulators. Currently, the IPC is one of the only data protection authorities in the world to have a youth council. By giving young people a platform to express their views on access and privacy issues that affect them, we have demonstrated that youth perspectives are a valuable and essential part of the privacy conversation.
The YAC’s work has been recognized at numerous conferences and forums including UNICEF, the Global Privacy Assembly (GPA), Victoria International Privacy & Security Summit (VIPSS), Asia Pacific Privacy Authorities (APPA), and Federal, Provincial and Territorial (FPT) Privacy Commissioner meetings.
A13- Entry by: Institute for Transparency, Access to Public Information and Data Protection of the State of Mexico and Municipalities (Infoem)
Description of the initiative:
The Film Discussion is an educational strategy designed to raise awareness among high school students about digital violence and personal data protection, especially in the context of social media. The activity is structured in three phases: an introductory talk, a screening of the film “The Cyberbully,” and a final discussion.
In the first phase, privacy and digital rights specialists provide an accessible explanation of what digital violence is, how it manifests itself in virtual environments, and the basic principles of personal data protection. The film “The Cyberbully” is then presented, realistically portraying the consequences of online bullying and the irresponsible use of technology.
A discussion is then held with the students, who share their opinions, experiences, and reflections on what they have seen. This space allows for identifying real concerns among young people and reinforcing key messages about privacy, respect, and responsibility in the digital environment.
The initiative has proven highly effective in generating empathy, promoting open conversations on these issues, and strengthening awareness of digital rights among adolescents. It also encourages critical thinking and the prevention of risky online behavior.
Why the initiative deserves to be recognised by an award?
The Film Conversation deserves this recognition for its innovative, empathetic, and deeply human approach to addressing critical issues such as digital violence and personal data protection among adolescents. Through an audiovisual and participatory experience, it connects emotionally with students, facilitating their understanding of complex concepts such as cyberbullying, privacy, and the responsible use of technology.
The initiative is distinguished by its ability to translate legal and technical issues into accessible and meaningful messages for a key population: young people, who are highly vulnerable in digital environments. By fostering open dialogue after the film, the project not only educates but also transforms attitudes and behaviors, empowering students to make informed decisions about their digital lives.
Its impact goes beyond the classroom, as many of the insights generated permeate their homes and communities. Due to its comprehensive approach, its potential for replicability, and its commitment to more conscious and responsible digital citizenship, the Film Conversation represents a valuable contribution to data protection and deserves to be recognized globally.
A14- Entry by: Institute for Transparency, Access to Public Information and Data Protection of the State of Mexico and Municipalities (Infoem)
Description of the initiative:
The Digital Violence Website is a digital platform developed by the Institute for Transparency, Access to Public Information, and Protection of Personal Data of the State of Mexico and Municipalities (Infoem), with the goal of disseminating clear and accessible information about digital violence and how to prevent it. This microsite, hosted on Infoem’s institutional portal, offers educational content on the different types of digital violence, its consequences, prevention strategies, and legal foundations for eradicating it.
The tool is designed to be inclusive and easy to navigate, allowing access from different devices and facilitating access for people in rural or remote communities in the State of Mexico. Its digital nature makes it a far-reaching resource, overcoming geographical barriers and raising awareness in sectors that might otherwise not have access to this type of information.
In addition to providing written content, the site includes visual resources, infographics, and links to applicable regulations, making it a reliable and up-to-date resource. This initiative strengthens the right to personal data protection and a life free from violence in digital environments, promoting an informed and empowered citizenry in the face of the risks of the technological age.
Why the initiative deserves to be recognised by an award?
Infoem’s Digital Violence Website deserves recognition for its accessible, inclusive, and strategic approach to addressing one of the most urgent challenges in the digital environment: online violence. This tool not only informs, but also educates and empowers citizens through clear, visual, and understandable content that explains how to identify, prevent, and respond to situations of digital violence.
Its digital design allows it to reach rural communities and hard-to-reach areas in the State of Mexico, democratizing knowledge and helping to close the digital divide in human rights and personal data protection. Furthermore, it integrates updated regulatory frameworks and materials, making it a reliable resource for students, teachers, parents, and public servants.
The initiative stands out for its territorial impact, its potential for replication in other entities, and its firm commitment to eradicating digital violence as a way to guarantee a dignified and safe life in virtual environments. For its real contribution to strengthening a responsible digital culture, it deserves global recognition.
A15- Entry by: Irish Data Protection Commission (DPC)
Description of the initiative:
In 2023, the DPC consulted with a number of external organisations and management bodies in the education sector in order to gain a clearer picture of the specific concerns and challenges faced by schools which they felt merited particular attention in terms of guidance.
The DPC produced the “Data Protection Toolkit for Schools” in order to further assist schools in meeting their data protection obligations. This toolkit was specifically created to assist schools with their obligations as data controllers and to help them to comply with the General Data Protection Regulation and the Data Protection Act 2018 when processing the personal data of children.
The toolkit contains;
- A detailed guidance piece on different aspects of data protection law in the specific context of schools
- An FAQ section containing answers to questions commonly received by the DPC from the education sector
- An appendix containing three helpful resources for schools, namely:
- A sample template for Data Protection Impact Assessments (DPIAs)
- An infographic on what information to include in a Privacy Policy
- A “checklist” for schools on how to respond to a Subject Access Request (SAR)
The toolkit stands out from the DPC’s published guidance to date as there was a focus on making the guidance sector specific and visually dynamic with infographics, templates and colourful key takeaways.
Following the toolkit’s launch the DPC is planning to raise further awareness of this resource by running a series of information sessions targeting primary, post primary and recently/soon to be qualified teachers across Ireland in 2025.
Why the initiative deserves to be recognised by an award?
The DPC has created an innovative and convenient resource specifically designed for the education sector. It addresses the most common and persistent data processing challenges that the sector faces year to year in plain language and with examples that were tailored to be pertinent to them.
Given the complexities of data protection in schools, the toolkit is a valuable resource for principals, teachers, and Boards of Management nationwide to review numerous data processing concerns all within one convenient document. The toolkit offers essential guidance for schools on managing children’s data, handling access requests, and ensuring compliance, with key insights on consent, third-party data sharing, Data Protection Impact Assessments and CCTV policies.
At the forefront of the toolkit is the principle that the best interests of the child will be considered by the DPC in respect of a child’s data protection rights, taking into account their evolving capacity as they near the age of majority.
Following the toolkit’s launch in December 2024, we invited feedback from the public until 20 February. The feedback we received was extremely positive with the toolkit being described as an “excellent update” and “of huge value to schools.”
A16- Entry by: Data Protection Commission
Description of the initiative:
The DPC’s inquiries considered state surveillance by local authorities (regional and municipal authorities) and found widespread deployment of CCTV in public places to prevent littering. Widespread non-compliance with data protection law was discovered, resulting in the DPC exercising corrective powers, including administrative fines, bans on processing, and orders to bring processing into compliance.
The inquiries further found local authorities had an invalid legal basis under the waste management and litter pollution legislation that facilitated CCTV deployment for litter and waste purposes. While this legislation provided local authorities’ powers to detect, investigate, and prosecute waste and litter pollution offences, it did not explicitly give the power to deploy or process footage for these purposes, nor did not set out the necessary procedural safeguards for use of these technologies. Consequently, the DPC banned various deployed CCTV cameras.
The DPC made the relevant Government Minister aware of these issues, and worked with the legislature and the Local Government Management Agency (LGMA) to remedy them. The legislative gap was addressed by the Circular Economy and Miscellaneous Provisions Act, 2022, which provided for lawful deployment of recording technology, including CCTV, for the enforcement of litter pollution and waste management legislation subject to statutory codes of practice. The DPC was involved in pre-legislative scrutiny of the Act and worked with the LGMA in 2024 on three codes of practice for local authorities to use CCTV and mobile recording devices to combat waste and litter pollution offences. The DPC played an active role in the scrutiny of these codes and made detailed observations on all three codes.
The DPC has seen a significant improvement in awareness and compliance due to this initiative. It is clear from engagement with local authorities increased effort is put into DPIAs and compliance documentation. The DPC is also receiving frequent queries from local authorities on implementing the codes of practice. The DPC has regular face-to-face engagement with local authority DPOs in various fora. The new legislation provides a basis for use of CCTV that is clear, precise and foreseeable to data subjects, and protects against the risk of disproportionate surveillance by authorities.
Why the initiative deserves to be recognised by an award?
This initiative deserves to be recognised because it demonstrates how the DPC’s work brings about positive systemic change. It started with identifying the problem and the infringements of data protection law and the necessary exercise of corrective powers, i.e. local authorities using CCTV without a lawful basis, and then resulted with the DPC contributing to solving the problem, through pre-legislative scrutiny of new legislation and practical guidance through the creation of three codes of practice. Through its engagement, the DPC ensured that the new legislation provides a legal basis for local authorities to use CCTV and other recording technologies that protects the fundamental rights to privacy and data protection and that ensures that the use of these technologies is limited to circumstances where they are necessary, proportionate and in the public interest. The DPC’s decisions and engagement with the relevant government Departments have resulted in legislative and behavioural change in a way that facilitates our policy objective. The DPC has gone from a position of awareness raising about data protection compliance in the abstract to building on practical and improved compliance.
A17- Entry by: Office of the Data Protection Authority (ODPA) Guernsey
Description of the initiative:
It might seem impossible to try to educate and empower every school-age child in our jurisdiction through Bijou Seeds but our small size is our superpower, allowing us to be agile and collaborative.
We are achieving this through a dynamic and evolving programme of activities for schools that has been rolled out across Guernsey during the past couple of years to help educate young people about the safety and security of their personal data, and to raise their awareness of wider data protection issues.
It combines different types of media, hands-on activities and real-life scenarios to encourage students to think about how they share their data and ways to ensure it doesn’t fall into the wrong hands.
This year we have trained additional staff members (including our Commissioner) in Safeguarding Levels 1 and 2 to increase our capacity and enable us to deliver the schools sessions entirely in-house to the following age groups:
Year 4: 30min storytelling session (age 8-9)
- Introducing the ideas of data protection through a reading and discussion of the storybook, ‘Warro goes on an adventure’ written specifically for this purpose. Each child is given their own copy of the book to keep.
Year 6: 20min assembly (on request): (age 10-11)
- Why we have a law and links to the UNCRC.
- What is personal data?
- Sharing personal data and ways to look after it.
Year 8: (age 12-13) In-class session including:
- Introduction to risks.
- How social media uses personal data.
- Identification of risks to people from data use in different scenarios.
- How AI uses personal data and fake accounts.
Year 10: (age 14-15) in-class session similar to Y8, including:
- Immersive technology.
- Digital technology.
- More on AI.
- How fake news uses data and risks of mis/dis information.
- The future of tech and personal data.
ACE Invaders: More than 500 children attended this free, community gaming event which we co-organised together with a committee of online safety volunteers and launched in January 2025. Children and young people can come along and take part in (or just watch) Smash Bros and Rocket League competitions and tournaments, while stands run by local partners such as the local library and police online safety team offer activities and advice about how to enjoy the digital world safely. It has proven a highly effective educational strategy of “Learning by playing”.
Why the initiative deserves to be recognised by an award?
The ODPA has produced a huge volume of resources in a variety of different mediums – always delivered using ‘plain English’ to safeguard, educate and empower children and young people under the banner of the Bijou Seeds Project.
Our schools’ sessions are rolled out to hundreds of students every year and our outreach team have a talent for lighting up a room of bored, tired students and creating an electric energy, assisted by carefully curated content developed alongside Guernsey’s PSHE lead to ensure it hits learning targets and is aligned with curriculum.
These are complemented by our free community gaming event ACE Invaders, which we launched in January 2025 with limited resources producing a professional, engaging event which was attended by hundreds of children and resulted in many helping to build a ‘data tree’ which gave us a great insight into their concerns about the online world which we can now build into our schools programme.
With children spending more and more of their lives online, understanding who can access and manipulate their personal information has never been more critical. We believe in speaking directly to children, to including them in the conversation to help them grow and thrive in our digital world.
A18- Entry by: Office of the Privacy Commissioner for Bermida
Description of the initiative:
PrivCom’s Road to PIPA (R2P) implementation plan was a 37-week PIPA compliance strategy for organisations in Bermuda in preparation for the full implementation of the Personal Information Protection Act (PIPA) on 1 January 2025.
Throughout 2024, that is, in the year preceding the full enactment of PIPA, PrivCom continued to work with both organisations and individuals in Bermuda and to offer guidance, training, and awareness activities. This assisted in ensuring that members of the public were prepared for the legislation to take effect in January 2025.
Since the R2P implementation plan was launched in January 2024, organisations in Bermuda had an opportunity to sign an intent statement, expressing their organisation’s commitment to protecting the personal information of individuals in Bermuda. The statement has been made available to the public via PrivCom’s website. Throughout 2024, CEOs from twenty-four (24) organisations submitted their intent statement.
The R2P implementation plan consisted of ten overarching topics:
- Organisational commitment
- Groundwork
- Inventory
- Risk assessment
- Policies and Procedures
- Training
- Outsourcing and service providers
- Incident response
- PIPA rights requests
- External communication, and Ongoing actions.
The topics were chosen with a view to ensuring that organisation adopt a Privacy-by-Design mindset. Such an approach means embedding privacy into an organisation’s operations, structure, and culture.
The R2P implementation plan was a step-by-step process for organisations to follow in order to meet their legal obligations once PIPA was fully implemented. PrivCom updated the implementation plan on a weekly basis with new materials such as practical tips, activities, guidance, downloadable tools, resources, and quarterly checklists made available on Road to PIPA | PrivComBermuda. These resources were devised to help organisations of all sizes with track and document their progress towards compliance with PIPA. The materials remain on PrivCom’s website to assist organisations with developing a robust Privacy Programme.
As part of R2P, PrivCom held 3 public events: PIPA Unveiled, Navigating PIPA Compliance, and PIPA & You, and a community outreach initiative, Know Your Rights. PrivCom also developed and delivered a six-month training programme. The programme consisted of six training and practice sessions for representatives of organisations from the public, private, and third sector.
Why the initiative deserves to be recognised by an award?
Over the course of 2024, the Office of the Privacy Commissioner for Bermuda (PrivCom) received positive feedback from other data protection authorities globally, as well as from other organisations in the public, private and third sectors. PrivCom was told on several occasions that other DPAs and organisations were using and/or adjusting our materials to help with their educational, awareness raising, or compliance initiatives and efforts.
A19- Entry by: Office of the Privacy Commissioner for Personal Data, Hong Kong, China (PCPD)
Description of the initiative:
In response to the growing use of AI in Hong Kong, the PCPD has undertaken a multi-pronged initiative to promote AI security.
Firstly, the PCPD has published a range of guidance materials on the protection of personal data privacy and AI, including the “Artificial Intelligence: Model Personal Data Protection Framework” (“Model Framework”) in June 2024 and the “Checklist on Guidelines for the Use of Generative AI by Employees” (“AI Guidelines”) in March 2025. To promote these publications, the PCPD has distributed them to approximately 450 public and private organisations across various sectors, including government departments, chambers of commerce and professional bodies.
In addition, to foster dialogue and knowledge exchange, the PCPD has hosted a series of seminars and conferences aimed at directly engaging with industry players and stakeholders. Notably, in January 2024, the PCPD co-organised an international conference entitled “Enhancing Personal Data Protection in the Age of Artificial Intelligence” with the University of Hong Kong, attracting over 330 participants from around the world. From July 2024 to June 2025, the PCPD held three hybrid seminars on AI and privacy protection, offering practical insights for organisations. These seminars drew over 1,700 attendees.
To connect with the younger generation, the PCPD launched the “Future Leaders of AI and Privacy Protection Training Programme” in July 2024. Through a topical seminar and an AI interactive workshop, 90 secondary students learned about the importance of having a personal data privacy management programme and ethical standards for the use of AI.
Furthermore, to encourage best practices among organisations, the PCPD introduced the “Best AI Governance Award” (“AI Awards”)under the “Privacy-Friendly Awards 2025”, recognising organisations that have implemented the recommendations outlined in the Model Framework.
More recently, the PCPD hosted our annual flagship event, “Privacy Awareness Week 2025”, under the theme “AI Security Matters for All”, and rolled out an array of promotional and educational activities. These included the running of thematic trams for roving promotion, the launch of a dedicated “AI Security” thematic website, and a series of thematic seminars, all aimed at reinforcing the importance of safeguarding personal data privacy in the age of AI.
Why the initiative deserves to be recognised by an award?
The initiative deserves to be recognised by an award for its versatility, targeted strategies for different sectors, and effective use of both offline and online channels to promote AI safety and personal data privacy in the digital age.
Firstly, the PCPD has adopted a multi-channel comprehensive promotional strategy, encompassing the organisation of seminars, conferences and roving exhibitions on AI, the publication of guidance materials such as the Model Framework and the AI Guidelines, and the introduction of AI Awards on AI governance to raise awareness of data privacy across all sectors of society.
Secondly, our promotional efforts are tailored to specific segments of society. For example, the “Future Leaders of AI and Privacy Protection Training Programme” is designed for youngsters, while the AI Awards are introduced for commending organisations in Hong Kong that excel in AI governance.
Lastly, by utilising both offline and online channels, including thematic trams and a dedicated “AI Security” thematic website, the PCPD has significantly broadened its reach.
The combination of targeted engagement and broad public outreach demonstrates the PCPD’s innovative approach and unwavering commitment to promoting the importance of data privacy in the era of AI.
A20- Entry by: Office of the Privacy Commissioner, New Zealand
Description of the initiative:
The name Poupou (pillars) Matatapu (privacy) comes from te reo Māori, the indigenous language of Aotearoa New Zealand. Poupou Matatapu describes ten pou (pillars) that are fundamental to agency understanding and implementation of privacy.
The ten pou are:
- Governance
- Know your Personal Information
- Security and Internal Access Controls
- Transparency
- Building Capability and Awareness
- Breach Management
- Responding to requests and complaints well
- Assessing Risk
- Measure and Monitor
- Privacy Management Plan
Each of the first nine pou can be worked through sequentially to help agencies develop a full understanding of their privacy capability and preparedness, and the Privacy Management Plan pou provides a template for agencies to record and assess their compliance, and develop an improvement plan. Poupou Matatapu utilises archetype examples of different kinds of agencies common in New Zealand (e.g. a tech company, a government department, a charity) and descriptions of how these agencies can comply with privacy requirements.
Poupou came about because we found that organisations’ privacy programmes are often reactive, responding to a specific event or inquiry but not having the time or resources to proactively implement a strategy. Organisations improve practice by responding to the event but then lose momentum. Building an effective privacy management system requires continuous improvement to lift capability, maintain good practice once this is achieved, and establish a privacy culture that reflects the values of each organisation.
We asked organisations what they struggled with when complying with the Privacy Act and what would help manage their privacy obligations and risk. We also asked how we could help them to build a privacy-protective culture throughout their organisation. The answer was clear guidance that outlined our expectations as a regulator and provided practical examples.
Poupou has broad support from our regulated sector and benefited from input from privacy professionals throughout Aotearoa.
Poupou Matatapu is not designed to stand alone. OPC has a Compliance and Regulatory Action Framework which allows us to assess whether agencies have worked towards the outcomes as outlined in Poupou Matatapu. Poupou Matatapu is a key part of how we communicate privacy in speeches, other guidance and media statements.
Why the initiative deserves to be recognised by an award?
Poupou Matatapu signals a shift in how OPC helps New Zealand agencies do privacy well. Underpinning Poupou Matatapu is our commitment to explaining in clear, accessible language how agencies can meet their privacy obligations.
We recognise that privacy teams in agencies are not always fully resourced, and that it is incredibly useful to provide busy individuals who don’t know where to start thinking about privacy with a clear, straightforward way to assess their privacy compliance. This is particularly important in small agencies. They can see themselves in the archetype examples and this makes privacy real for them. Now that they understand more clearly what is required of them they are supported to make meaningful changes to their privacy programmes.
As an office we regularly speak to varied audiences across New Zealand and attendees report to us that the approach we take in Poupou Matatapu is what makes the requirements of the Privacy Act click for them. Suddenly privacy isn’t so scary or hard to comply with. Poupou Matatapu allows agencies that may previously have struggled to meet their privacy obligations understand what they need to do, which is why it deserves to be recognised by this award.
A21- Entry by: The Office of the Data Protection Commissioner
Description of the initiative:
The Office launched a comprehensive public awareness initiative aimed at fostering a strong data protection culture across Kenya. In collaboration with the Kenya School of Government, the Office developed a training curriculum to guide stakeholder capacity building, supported by the accreditation of competent entities to conduct training sessions. To reach diverse audiences, the Office produced animated videos, songs, flyers, handbooks, and Z-card brochures with tailored messages. These were disseminated through mainstream media—including TV and radio stations with national and community reach—ensuring content was translated into vernacular languages. Social media campaigns, amplified by influencers, expanded reach further. A vibrant caravan roadshow campaign deployed branded trucks featuring influential personalities who engaged directly with the public in marketplaces and on roadsides. In a unique collaboration with the Ministry of Education, the Office partnered with the Kenya Music Festival—a platform reaching learners from primary to university level across all 47 counties. Here, students delivered creative performances including songs, choral verses, and poems on data protection themes, effectively using young voices to champion the cause. Additional platforms included participation in annual agricultural trade fairs and strategic speaking engagements at professional association meetings such as the Institute of Certified Public Accountants of Kenya (ICPAK). Moreover, a nationwide advocacy program was rolled out in partnership with the national administration system, targeting data controllers, processors, and subjects through town hall workshops. Through these diverse, inclusive, and innovative approaches, the initiative significantly enhanced public understanding and engagement with data protection rights and responsibilities.
Why the initiative deserves to be recognised by an award?
This initiative deserves recognition by the Global Privacy Assembly Award for its inclusive, innovative, and impactful approach to data protection awareness. It stands out for its multi-platform strategy tailored to Kenya’s diverse population—leveraging national and community media, vernacular translations, social media influencers, roadshows, and creative arts. By integrating data protection themes into the Kenya Music Festival and collaborating with educational institutions, the initiative reached young audiences in a culturally relevant and engaging way, making privacy education accessible and memorable. The development of a formal training curriculum and the accreditation of trainers demonstrates a commitment to sustainable capacity building. Additionally, the partnership with the national administration system enabled nationwide outreach through town halls and professional forums, engaging both data handlers and the general public. This holistic model not only raised awareness but also influenced attitudes and behaviors toward personal data rights and responsibilities. The initiative exemplifies how data protection can be localized, and made impactful through innovation, partnerships, and cultural integration. It serves as a replicable model for other countries aiming to promote privacy in diverse and resource-constrained contexts.
A22- Entry by: The Personal Data Protection Office (UODO)
Description of the initiative:
The “The Image of a Child on the Internet. Handbook” is a collaborative effort by the Personal Data Protection Office and the Orange Foundation, designed to equip adults, organizations, and institutions with the knowledge to safeguard children’s welfare and safety online. It highlights that images and videos of children, despite often being shared with good intentions, can lead to severe consequences such as hate speech, cyberbullying, the creation of derogatory memes or deepfakes, digital identity theft (e.g., for fraudulent fundraisers), and even exploitation on forums for individuals with paedophilic tendencies.
The handbook emphasizes that an image is both personal data and a personality right, urging particular caution when processing and disseminating children’s images. Mirosław Wróblewski, President of the Personal Data Protection Office, stresses the legal and ethical dimensions of this issue. The publication also addresses the permanent nature of online content, noting that once shared, images can be rapidly spread and modified beyond the original publisher’s control.
A significant finding from the “Teenagers 3.0” (2023) report indicates that 45.5% of surveyed teenagers had their image made public by parents or guardians, with 23.8% feeling embarrassed and 18.8% dissatisfied. This underscores the importance for adults, including those in schools, nurseries, and care facilities, to be acutely aware of their role, especially with the new duty to implement minor protection standards in Poland.
The handbook provides guidance on constructing proper consent for image dissemination, debunks common myths, lists potential risks, and defines terms like “sharenting” and “troll parenting.” It also includes questions for self-reflection before publishing content and offers child-safe alternative solutions. The handbook was launched at a conference on July 8, 2024, highlighting the collaborative effort towards a more subjective and empathetic treatment of children in the digital space.
Why the initiative deserves to be recognised by an award?
This initiative deserves recognition because it directly addresses a critical and growing challenge in the digital age: the pervasive sharing of children’s images online and its potentially severe, often unforeseen, consequences. By providing a comprehensive handbook, the Personal Data Protection Office and the Orange Foundation empower a wide range of adults, particularly those in institutions working with children, to make informed and ethical decisions about digital privacy.
The handbook’s value lies in its practical approach, explaining complex legal aspects (like GDPR and personality rights ) alongside crucial ethical considerations and real-world risks. It not only raises awareness but also offers concrete solutions and prompts for critical thinking, fostering a culture of respect for children’s privacy and dignity. The collaboration between a supervisory authority and a foundation demonstrates a holistic approach to a societal issue that demands immediate and thoughtful intervention.
Interest in the handbook has been very high. Since July 2024 the title of the publication has appeared repeatedly in the media. The phrase ‘To publish or not to publish a child’s image on the Internet’ has appeared a total of more than a thousand times, on the Internet (992 times), on television (44 times), on radio (24 times) and in the press (17 times).
A23- Entry by:
Description of the initiative:
Starting February 1, 2025, the conference space at the Personal Data Protection Service of Georgia is fully dedicated to conducting “Confidentiality Lessons” for schoolchildren every Tuesday. On this day, meetings are held in two separate sessions. At the same time, visits to schools in the regions are planned and carried out in parallel.
The project aims to raise awareness among minors regarding the protection of personal data. During the “Confidentiality Lessons,” students in grades VI–XII receive information on the importance of data protection and learn to evaluate the risks that may arise from the illegal or careless disclosure of data. The trainings are conducted by the service’s lawyers, who deliver this information to the students through simple, interactive, and engaging presentations.
At the same meetings, special publications are distributed to students and teachers:
- An educational and entertaining journal for children — this publication introduces minors to the importance of personal data protection in a simple, interactive, and fun way. It covers the following topics: why it is necessary to understand human rights; what personal information is and how to protect it; how to stay safe on the Internet; and why a culture of data protection is important in personal relationships. Additionally, the journal includes several engaging activities for children, such as quizzes, crosswords, scanwords, and other educational exercises that make learning enjoyable. The goal of the journal is to help children learn from an early age how to protect themselves in both the digital and real worlds.
- Brochure on Data Processing in the Digital World – With the development of digital technologies, children are increasingly active on social networks (such as Facebook and Instagram), entertainment apps (like TikTok and various games), and more. While the online space offers many opportunities, it also presents certain risks regarding children’s privacy and the protection of their personal data. This guide helps children understand how minors’ personal data is processed in the digital environment, learn the rules for safe internet behavior, and receive practical advice on how to protect themselves online.
- Guide on the Protection of Personal Data in Educational Institutions – Educational institutions collect a large amount of personal data, the protection of which is mandatory under the Law of Georgia “On Personal Data Protection.” This guide provides information on the following topics: the obligations of educational institutions in relation to personal data protection; the rights of parents, legal representatives, and employees of educational institutions concerning data processing; the meaning of a data breach (incident); and the actions an educational institution should take upon discovering one. The guide serves as a practical resource for teachers, administrative staff, and parents—anyone committed to ensuring that children’s data is protected in accordance with the law.
Why the initiative deserves to be recognised by an award?
The “Confidentiality Lessons,” initiative deserves recognition as it addresses a pressing need – empowering children with knowledge and practical skills in personal data protection. It is the first systematic, long-term educational project in Georgia specifically designed for schoolchildren to raise awareness regarding data protection issues.
The initiative combines face-to-face meetings and visits to the Service’s office with purpose-built printed materials, including an interactive newspaper and brochures. The meetings are led by the Service’s lawyers, who explain complex legal issues to children in a way that is both understandable and engaging.
The project has already enabled hundreds of students to gain a deeper understanding of the importance of data protection. The initiative helps foster safe online behavior among children, raises awareness, and educates them to become responsible and informed citizens.
This initiative is focused on achieving tangible results. It demonstrates the responsibility of an independent data protection supervisory authority to safeguard children’s rights.
A24- Entry by: Turkish Personal Data Protection Authority
Description of the initiative:
The rapid advance of artificial-intelligence (AI) technologies has introduced new concepts, responsibilities and debates, together with far-reaching legal, technical and ethical effects.
In light of these developments, Turkish Personal Data Protection Authority has compiled the book “An Academic Perspective on Artificial Intelligence Technologies,” comprising five sections and fifteen scholarly articles in which leading academics examine— from multiple angles—the legal, technical and ethical issues surrounding the protection of personal data in AI.
The volume contains the following articles:
Introduction to Artificial Intelligence and Machine Learning
An Ethical Approach to Artificial-Intelligence Technologies
Codes and Laws: The Regulatory Route of Artificial Intelligence and the EU AI Act
Legal Liability for Harms Caused by Artificial Intelligence
Fundamental Principles of Data-Protection Law and Their Assessment in Relation to AI Applications
Profiling with AI Algorithms and the Protection of Personal Data
Core Data-Protection Methods in Artificial Intelligence
Factors to Be Considered in AI Applications Developed for Vulnerable Groups (Children, Older Adults, Persons with Disabilities)
Artificial Intelligence and Personal Data in the Health Sector
Artificial Intelligence in Employment
Compliance of Recommendation Models with the Turkish Personal Data Protection Law (KVKK)
Artificial Intelligence in the Transport Sector
Use of Artificial Intelligence in the Financial Sector: An Evaluation Focused on Personal Data Protection
Artificial Intelligence in Education
Governance and Methodology in Artificial Intelligence
These articles have been made available to interested readers in order to contribute to the field of personal-data protection.
Why the initiative deserves to be recognised by an award?
In light of recent developments in AI, it has become necessary to develop new approaches to the protection of personal data. The importance of personal data protection for individuals, along with the new legal, technical, and ethical questions raised by AI systems, renders the work of researchers and academics in this field even more valuable.
Academic research and scientific publications contribute significantly to a better understanding of legal regulations concerning artificial intelligence, to the evaluation of international standards, and to the discussion of emerging developments. These studies also support the sustainability of data protection policies.
The protection of personal data—situated at the intersection of the disciplines of law and information technology—is attracting increasing academic interest, with a growing number and scope of studies being conducted in this area.
This process of academic production plays an effective role in raising awareness about personal data protection and in helping to build a more robust data protection ecosystem.
A25- Entry by: Turkish Personal Data Protection Authority
Description of the initiative:
Verinaz is a comic book hero who fights against various risks posed by emerging digital technologies such as online shopping, digital games, deepfakes, and artificial intelligence applications.
The cartoon’s main character is called “Verinaz”. “Veri” means data and “Naz” is a Turkish girl name. With the help of Verinaz different characters learn the methods against threats in the realm of personal data protection.
Last year (2024) 6 cartoon magazines of the “I’m Learning My Personal Data with Verican” series were published on the official website of KVKK which are still accessible on-line.
Why the initiative deserves to be recognised by an award?
In five issues topics such as protecting children’s privacy regarding biometric data, artificial intelligence, online shopping and digital games were covered and through her digital adventures, Verinaz guides both children and adults on the conscious use of digital technologies, emphasizing that protecting privacy in the digital world is just as important as in the physical world. Thus, she helps people stay safe in digital environments.
A26- Entry by: UK Information Commissioner’s Office (ICO)
Description of the initiative:
As part of the ICO’s upstream monitoring of the wider AI ecosystem, aiming to understand how the development and provision of AI recruitment tools complies with UK data protection law, between August 2023 to May 2024 the ICO carried out a series of consensual audits and engagements with developers and providers of AI-powered sourcing, screening, and selection tools used in recruitment. This work covered a range of AI use cases such as machine learning, including natural language processing. Our audits found some considerable areas for improvement in data protection compliance and management of privacy risks in AI. In many instances we found a startling lack of compliance in some tools being used for recruitment, where judgements made by AI were little better than estimation or guesswork. This could lead to job applicants across the country being unfairly discriminated against based upon characteristics such as their race, age or gender. ICO auditors made 296 recommendations and 42 advisory notes across all engagements – 97% of these recommendations were accepted, and actions set. The ICO published an Outcomes Report which summarised seven key recommendations from the consensual audits, as well as providing examples of good practice, case studies and points to consider for both recruiters and AI developers. The publication of the Outcomes Report was targeted at both the AI and recruitment industries and set clear expectations on the development and deployment of these tools. Our intervention is already leading to positive changes by the providers of these AI tools. All our recommendations have been actioned by those organisations, and we now fully expect to see other recruiters and AI developers take note of our findings and consider the practical advice in our report to help jobseekers and employers to trust in their tools.
Why the initiative deserves to be recognised by an award?
AI-powered recruitment tools have become a focal point in modern hiring, offering the promise of streamlining processes and improving candidate selection. We recognise that shifting the processing of personal information to these complex and sometimes opaque systems comes with inherent risks to people and their privacy. By having high standards of data protection compliance, organisations developing and using AI in recruitment can innovate and deliver great services, while building trust with the public. The Outcomes Report provides practical recommendations and case studies that can inform and educate both providers and recruitment teams about the responsible use of AI in their recruitment processes and is the first of its kind from the UK regulator. The methodology for auditing of AI systems is still in its infancy, this work demonstrates how we are making strides in this area to improve our understanding and drive compliance. The report provides education to the public in this often opaque world of online job applications. Our work and the subsequent publication of our findings also led to our delivery of an external webinar attended by over 300 delegates on the subject, the updating of our existing guidance and focussed the direction of the ICO’s AI & Biometrics Strategy for 2025/26.
A27- Entry by: UK Information Commissioners Office (ICO)
Description of the initiative:
What if a data breach turned your life upside down? What if you had to move house, leave your job or change your child’s school because of information that was shared inappropriately? But you felt that the organisation responsible dismissed it as just an ‘admin error’… We learnt this was happening to people whose HIV status was shared inappropriately, and to domestic abuse survivors whose safety was jeopardised – we had to act. Objectives: 1. Change how organisations respond to data breaches 2. Increase access to support for people experiencing a data breach Budget: At under £19,000, our low budget was spent entirely on trauma-informed research and audience insight. Delivery was in-house. Insight: We partnered with Women’s Aid, Women’s Aid Scotland, National AIDS Trust and Terence Higgins Trust to speak directly with individuals. We heard: • Organisations failed to acknowledge the human impact of a data breach, dismissing it as an ‘admin error’ • Victims would seek support from the organisation responsible, or a trusted support organisation, rather than the ICO. But those organisations often didn’t know where to direct people for support It was clear that this affected people in other vulnerable situations too. We took a two-pronged approach to targeted education and awareness for: 1. Organisations most likely to be involved in a data breach: A public call for them to handle cases with empathy. 3 2. Organisations that people go to for help: Equip them to support individuals. Delivery: Our integrated education and awareness plan included: A public call from the Information Commissioner, demanding organisations do better. We targeted national media, healthcare and local government. A simple one-page guide on what to do after a data breach. Pack for organisations containing everything they need to get our message to the people that need it , housed on a central campaign hub. It included our simple guide, posters, newsletter copy and a video. Stakeholder engagement, including speaking and podcast opportunities. Social media activity featuring mini case studies and advice.
Why the initiative deserves to be recognised by an award?
Our campaign is ALL about people. The whole concept was research led and the result is a campaign that delivered a meaningful difference for people in vulnerable situations. “I have found the resources really useful and have incorporated them into our suite of training packages. They’ve even served as a conversation starter on the impact of breaches and bringing it to real life.” (United Utilities) Outputs • 14 million media opportunities to see • Information pack distributed to 210 stakeholders across health, local government and third sector. 51 (24%), including Citizens Advice and Trussel, have shared. • Social posts achieved 215% higher impressions and 1.5 times higher engagement than average. • 15 speaker-slots addressing 3,645 attendees, including Age UK, NHS England. • International interest, including at the International Association of Privacy Professionals, European Spring Conference, directly with Canadian and Australian authorities. • Campaign video achieved 19,105 impressions across social channels, viewed 16,685 times to date, 115 shares. Outcomes • 90% of organisations reconsidered their approach (target 65%), with 64% planning to make changes in their work (target 60%) • 40% of support organisations say we’ve enabled them to provide better support to victims (target 40%) • 89% of consumers think the one-page guide is easy to understand (target 80%).
A28- Entry by: Albanian Information and Data Protection Commissioner
Description of the initiative:
As part of the awareness-raising activities organized on the occasion of January 28 – Data Protection Day – the IDP undertook several initiatives, aimed at increasing public awareness on the importance of personal data protection and the respect for privacy. One of the key initiatives of this campaign was the development and dissemination of an informative and educational questionnaire designed to assess the public’s basic knowledge regarding Law No. 124/2024 “On the Protection of Personal Data.”
This questionnaire was presented in the form of a pop-up window on the official website of the IDP, appearing automatically for visitors to the site. This presentation method was intended to directly engage the public and measure the level of awareness among citizens regarding the rights and obligations arising from the new law. Through this interactive format, the IDP seeks not only to promote the legislation in force, but also to encourage reflection and active participation by individuals in safeguarding their personal data.
Why the initiative deserves to be recognised by an award?
This initiative represents a proactive and innovative approach to educating and raising public awareness about the rights deriving from personal data protection legislation. Through a simple yet highly effective tool – a pop-up questionnaire on the official website of the IDP – technology, communication, and legal education have been successfully integrated to strengthen the culture of privacy.
This initiative has contributed not only to informing citizens about Law No. 124/2024 but also to actively engaging them in the process of personal data protection. The interactive element makes this approach particularly effective and unique, placing the individual at the center of the process and offering them the opportunity to directly assess their knowledge.
Moreover, this initiative serves as a strong example of how public institutions can leverage technology in the service of transparency, awareness, and the reinforcement of fundamental individual rights.
A29- Entry by: Albanian Information and Data Protection Commissioner
Description of the initiative:
The IDP places great importance on raising awareness and fostering a social culture that prioritizes the protection of fundamental human rights and freedoms.
As part of its efforts to raise awareness about personal data protection, the developed questionnaire was implemented in a user-friendly and innovative way. Participants could access it by scanning a QR code (barcode) with their mobile phones. This approach made it quick and easy for users to engage, without needing to download any extra apps or sign up. Scanning the QR code took participants to a specially designed webpage, optimized for mobile browsers, ensuring instant, smooth access with no technical barriers.
A core feature of this process was ensuring the complete anonymity of the users. The system didn’t gather any personal or identifiable information from the users’ devices, meaning no IP addresses, location data, or other sensitive information was recorded. All responses were stored in an anonymized way, linked only to a randomly generated ID created at the beginning of the questionnaire, with no connection to the participant’s identity.
Once the data collection period ended, the results were processed and analyzed using a specialized statistical platform. This platform generated clear visual representations, such as pie charts, showing the percentage of responses for each question. This made it easier to interpret and understand the participants’ level of knowledge and awareness about personal data protection legislation.
Why the initiative deserves to be recognised by an award?
This initiative innovatively addresses a very sensitive aspect of personal data protection — the processing of young generation data (minors), a category that is particularly protected under the General Data Protection Regulation (GDPR). The young generation, which is highly exposed to technology and digital platforms, requires special measures to ensure the protection of their privacy and personal data.
Through the anonymized questionnaire and secure data collection methods, the initiative not only educates the youth and those involved in the process about their legal rights but also demonstrates compliance with the highest standards of data protection. This careful approach is crucial for creating an environment of trust and for promoting responsible awareness regarding the processing of minors’ personal data.
In this way, the initiative contributes to empowering the young generation by giving them the opportunity to understand their rights and actively participate in protecting their privacy. It thus fulfills the legal requirements for personal data protection and serves as an excellent example of best practices in the field of data protection.
A30- Entry by: Gibraltar Regulatory Authority (“GRA”)
Description of the initiative:
This innovative festive campaign by the GRA combined strategic communication, creative content development, and thoughtful public engagement to raise awareness about data protection during the busy holiday season—a time when privacy is often overlooked. The centrepiece of the campaign titled “A Privacy-Proof Countdown to Christmas” was the 12-part social media series featuring practical, Christmas-themed privacy tips. Shared on every even day from December 2nd to 24th 2024, the posts were carefully crafted to appeal to a broad audience—including individuals, families, and organisations—delivering relevant advice at a time when online activity typically spikes. The GRA team invested significant time researching current digital privacy issues, trends in online threats, and best practices for safeguarding personal information, ensuring that each tip was timely, accurate, and useful. Accompanying the countdown was a lively and engaging audio-visual piece titled “Data Protection, Your Guiding Light”. This festive video used cheerful music and catchy lyrics to highlight key messages such as creating strong passwords, avoiding phishing scams, and Christmas shopping safely online. It aimed to cut through the holiday noise with a message that was both educational and entertaining, encouraging viewers to take control of their digital presence. Behind the scenes, the campaign involved extensive planning and content development. From topic selection and scriptwriting to design and distribution, each element was tailored to resonate with an audience often distracted by the seasonal rush. The campaign successfully positioned data protection as a relevant, everyday concern (even at Christmas), reinforcing the idea that safeguarding personal data is a gift that continues to give long after the holidays end.
Why the initiative deserves to be recognised by an award?
The GRA’s Christmas initiative deserves recognition for its bold, creative, and highly effective approach to spotlighting data protection at a time when it’s most often forgotten. Launching during the festive season, a period of heightened digital activity and lowered vigilance, it cleverly transformed privacy awareness into a compelling, holiday-themed conversation. 3 What sets this campaign apart is not just its originality, but the thoughtful, tailored effort invested in creating content that speaks directly to the needs of our small jurisdiction. The tips and messages were carefully researched and crafted to resonate across all demographics, delivering both substance and seasonal charm. It struck a rare balance—making complex, critical issues like data protection accessible, engaging, and even enjoyable. This was a well-executed initiative, with content designed to remain relevant and adaptable for years to come, even as the digital landscape continues to evolve. More than just a seasonal campaign – it served as a powerful reminder that safeguarding personal data is a year-round responsibility.
A31- Entry by: National Privacy Commission, Philippines
Description of the initiative:
The Kabataang Digital Advocacy Materials are part of the broader Kabataang Digital Campaign, an initiative that promotes data privacy and online safety, especially among the youth. It also aims to raise awareness among parents, educators, and developers on their vital role in creating a safer digital environment for children.
To support this goal, a set of advocacy materials were developed—primarily brochures designed for children, parents, educators, and app or website developers. These materials provide practical guidelines, age-appropriate information, and clear roles each stakeholder must take to ensure responsible use and protection of personal data online. The content is crafted to be easy to understand, visually engaging, and rooted in everyday digital experiences.
Kabataang Digital also produced a series of short videos that explore essential topics in online safety and data protection. These include:
- Internet Safety Privacy
- Internet on the Go
- Internet Addiction
- Digital Safety
- #PlayItRight
- Passwords and Terms of Service
- Cyberbullying
Each video targets common digital risks faced by children and teens, providing practical advice in a relatable and youth-friendly manner.
At its core, Kabataang Digital envisions nurturing a generation that is:
- Matalino (Intelligent) – understands the value of their personal data and knows how to protect it.
- Mapagmatyag (Observant) – aware of potential online scams and threats.
- Mapanuri (Vigilant) – exercises critical thinking when sharing, clicking, or engaging online.
Through these advocacy materials, the initiative empowers not just the youth but also the community around them to take proactive steps in building a safer, smarter, and more responsible digital future.
Why the initiative deserves to be recognised by an award?
The Kabataang Digital (KD) Advocacy Materials deserves to be recognized for its strong commitment to promoting data privacy awareness among the youth and their families. In a time when children are growing up in a fully connected world, the campaign goes beyond traditional awareness efforts by creating age-appropriate, engaging, and impactful materials that resonate with both digital natives and their guardians.
Through brochures, videos, and school-based caravans, KD reaches a wide audience with clear, practical guidance on protecting personal data. Its strategic use of social media ensures that the message continues to spread in spaces where young people are most active. What sets KD apart is its holistic approach—it empowers children, informs parents and educators, and engages developers, recognizing that digital safety is a shared responsibility.
The campaign successfully bridges the gap between policy and practice, making complex concepts like digital footprints, privacy settings, and online consent easier to understand.
At a time when data misuse and online risks are growing concerns, Kabataang Digital stands out as a timely, inclusive, and impactful initiative that equips the next generation to be responsible digital citizens.
A32- Entry by: National Privacy Commission, Philippines
Description of the initiative:
Privacy Awareness Week (PAW) 2025 carried the theme “Global Privacy Matters: Navigating a Borderless Digital World and Expanding New Professional Horizons.” It focused on the growing importance of protecting personal data, especially in today’s digital world where artificial intelligence and technology are rapidly changing the way we live and work.
Through Proclamation No. 527, s. 2018, PAW is a yearly celebration led by the National Privacy Commission (NPC) to help people understand their rights when it comes to data privacy. In 2025, PAW became both a global and local platform for learning and collaboration.
One of the highlights of PAW 2025 was the 8th National Data Privacy Conference, which brought together global experts, regulators, and the public to talk about important topics like how to handle AI responsibly, build trust in digital platforms, and manage personal data that moves across borders. The event also featured the PAW Awards 2025, which recognized individuals and organizations that made outstanding efforts in promoting data privacy in the Philippines.
The conference was livestreamed on the NPC’s Facebook and YouTube pages, and local media helped spread the message further to a wider audience.
Beyond the conference, PAW 2025 encouraged schools, hospitals, government offices, and companies across the country to join the campaign by displaying privacy posters, stickers, brochures, and videos in public areas. Many also held their own seminars and activities to teach their communities about the importance of privacy.
By combining big international discussions with local efforts, PAW 2025 showed how everyone—whether in government, business, or the community—has a role to play in protecting personal data.
In all, PAW 2025 positioned the Philippines as a strong voice in the global privacy conversation and reminded everyone that in today’s digital age, privacy matters to all of us.
Why the initiative deserves to be recognised by an award?
PAW 2025 initiative exemplifies a holistic and impactful approach to advancing data privacy and public awareness in the digital age. Through a dynamic blend of international collaboration and local outreach, it effectively bridges the gap between high-level policy dialogue and community engagement. By convening global privacy authorities and industry experts at the 8th National Data Privacy Conference, the initiative helped shape discourse on critical issues such as AI governance and cross-border data flows, aligning local efforts with global standards.
Simultaneously, its grassroots campaign empowered citizens, organizations, and institutions across the Philippines through accessible educational tools and activities. From government offices to classrooms, PAW 2025 brought data protection to the forefront of national consciousness, emphasizing that privacy is a shared responsibility.
The campaign’s strategic use of digital platforms, media coverage, and sectoral partnerships significantly amplified its impact and accessibility. Its inclusive, forward-thinking approach reflects the NPC’s commitment to creating a privacy-literate society equipped to navigate an increasingly borderless digital world.
This comprehensive, multi-sectoral model of privacy advocacy makes PAW 2025 worthy of international recognition in the Education and Public Awareness category.
A33- Entry by: National Privacy Commission, Philippines
Description of the initiative:
Rated DP with Atty. Josh serves as a valuable platform for businesses, government agencies, and various sectors to promote compliance with the National Privacy Commission (NPC). It encourages organizations to fulfill their obligations under the Data Privacy Act of 2012, including registering with the NPC and securing their Seal of Registration.
The series features real-world success stories from Data Protection Officers (DPOs), officials, and company representatives, who share their compliance journeys to inspire others to take action and register.
Insightful episodes include:
- Ang Beer na ‘To at ang Privacy Mo
- Behind the Lens: Data Privacy at the Kapamilya Network
- Sky’s the Limit: How About in Data Processing?
- Rated DP with McDo DPO
These are just a few examples of the many engaging and informative episodes featured in the Rated DP with Atty. Josh series. With its continued success and commitment to the tagline, “Kung Saan ang Bawat Kwentong Privacy ay Mahalaga,” the program consistently underscores the importance of data privacy across all industries.
Staying true to this advocacy, Rated DP with Atty. Josh inspires audiences to develop a deeper understanding of data privacy and emphasizes its vital role in building trust, accountability, and legal compliance within organizations.
Why the initiative deserves to be recognised by an award?
Rated DP with Atty. Josh deserves recognition for its contribution to promoting data privacy awareness and compliance across both the public and private sectors. The series stands as a compelling example of how the Data Privacy Act of 2012 can be effectively implemented in real-world settings, showcasing practical applications and success stories from various industries.
Through engaging interviews and insightful narratives, the program encourages organizations to take concrete steps toward protecting personal data, starting with registering with the National Privacy Commission (NPC) and securing their Seal of Registration. This not only ensures legal compliance but also builds credibility and trust with stakeholders.
The experiences shared by Data Protection Officers (DPOs) in different episodes highlight their proactive efforts in establishing and strengthening data privacy frameworks within their organizations.