IAPP Global Summit 2026: Privacy, AI governance, Cybersecurity law

The European Data Protection Board (EDPB) has published its agenda for the IAPP Global Summit 2026, highlighting key regulatory priorities. This agenda signals the EDPB's focus on the operational convergence of three critical frameworks: existing data privacy law (like the GDPR), emerging AI governance, and the expanded cybersecurity requirements under the NIS2 Directive.

The agenda is a critical resource for compliance professionals across all sectors covered by NIS2, including essential and important entities in energy, transport, banking, healthcare, digital infrastructure, and public administration. It is particularly relevant for organizations where data protection, AI deployment, and cybersecurity measures intersect.

Compliance teams should review this agenda to anticipate and align with the EDPB's strategic enforcement and guidance priorities for the coming period. The next step is to initiate integrated planning that breaks down silos between privacy, AI governance, and cybersecurity functions. Teams should prepare for audits and risk assessments that evaluate these areas holistically, ensuring that incident response, risk management, and reporting procedures meet the combined standards of GDPR, AI Act, and NIS2.