For 4 decades, the International Conference of Data Protection and Privacy Commissioners has been the premier meeting place of the world’s data protection and privacy regulators and enforcers. The Conference has grown substantially and its membership now extends across many parts of the world.

Each year the Conference meets in a different city hosted by the local data protection or privacy authority. The conference first met in Bonn, Germany, in 1979 and then crossed the Atlantic for its second meeting in Ottawa, Canada. The Conference’s met for the first 20 years primarily in European locations with an occasional foray to Canada and one trip down-under to Sydney, Australia, in 1992.

The 21st Conference, at the turn of the century, was held in Hong Kong and marked a coming of age when the Conference more truly started to assume an international character. Of the 20 conferences before 1999, only 5 were held outside Europe. Since then the locations are evenly split between Europe and the rest of the world. It has convened in 6 of the 7 continents and has met four times in the Southern Hemisphere.

From 2000 onwards the Conference arranged itself more formally to speak with one voice through joint statements. In Venice in 2000 the Conference adopted guidelines and procedures for adopting Conference resolutions “of enduring value” and followed this by establishing an accreditation process in Paris in 2001. In 2002 in Cardiff the first 51 authorities were accredited. With the foundations in place the Conference was ready the following year to start adopting resolutions.

In 2003 in Sydney the first five resolutions were adopted on a mix of issues covering cross-border data transfers, technology issues, public communication of privacy messages and the issues of data protection within international organisations. The Conference has adopted more than 60 resolutions and declarations.

With the increase in the size of the Conference, and greater expectations that regulators should become more effective at global level, attention has been paid to Conference organisational arrangements. In 2010, in Jerusalem, the Conference established a five member Executive Committee to provide leadership and ensure the attainment of Conference goals. Three years later, in 2013, in Warsaw, the Conference formally adopted a mission statement and for the first time set out a strategic direction for the Conference.

The Conference first addressed enforcement coordination by resolution in 2011 in Mexico City. The Conference has subsequently returned to issues of cross-border enforcement cooperation several times and in 2014 in Mauritius established an arrangement for cooperation in enforcement.

In 2015 the Conference adopted a new strategic plan which included a priority to work with partners. This recognised that while there were few international data protection forums in 1979 when the Conference was established, 40 years later there are multiple stakeholder groups at regional and global level.

From 2012, the Conference began to devote an entire day annually to in-depth discussion of a single significant topic. Frequently these have been cutting edge technological topics, such as robotics and artificial intelligence, while on other occasions the topics have been challenging areas for privacy regulators, such as the oversight of intelligence organisations.

Three notable milestones were the declarations adopted by the Conference in 2005, 2006 and 2009 in Montreux, London and Madrid. These were not merely fine words on paper but involved substantial collaborative effort in development and implementation. The Montreux Declaration sketched out a programme to promote privacy as a universal right in a globalised world and was for several years accompanied by a conference audit of progress towards its goals. The London Declaration highlighted the need for effective communication and practical action. The declaration spawned the ‘London Initiative’ with a series of practical workshops held over a year around the world. The Madrid Resolution was the culmination of a year’s work in developing a privacy standard that could find wide support.

From late-2014 substantial efforts were undertaken to improve the Conference’s communications with members. Milestones included a regular newsletter (2014), a website (2015), an alumni network (2015), an events calendar (2016), a Twitter account (2016) and a YouTube channel (2017).

The creation in 2015 of a permanent Conference website enabled a central archive of the Conference’s documentation to be established and maintained.

In 2015, the Executive Committee established a new transparent and competitive process for selecting hosts. Each hosting proposal is assessed against a published set of criteria which recognises the desirability of progressively moving the Conference around different geographic locations. The host of the 38th Conference was the first to be selected in this way with the Conference being held, for the first time, in North Africa.

Seeking to give effect to its 2016 resolution on developing new metrics of data protection regulation, the Conference undertook the first ICDPPC Census in 2017.

In 2017 the Conference held its first awards programme. The ICDPPC Global Privacy and Data Protection Awards recognised excellence and innovation amongst member authorities in research, enforcement, education and online tools.

After 40 years, the Conference now has more than 110 member authorities. It strives to achieve the vision of an environment in which privacy and data protection authorities around the world are able effectively to act to fulfil their mandates, both individually and in concert, through diffusion of knowledge and supportive connections.

A list of all previous Conferences –

41st International Conference – Tirana, Albania, 2019
40th International Conference – Brussels, Belgium/Sofia, Bulgaria, 2018
39th International Conference – Hong Kong, 2017
38th International Conference – Marrakesh, Morocco 2016
37th International Conference – Amsterdam, Netherlands 2015
36th International Conference – Fort Balaclava, Mauritius, 2014
35th International Conference – Warsaw, Poland, 2013
34th International Conference – Punta del Este/ Canelones, Uruguay, 2012
33rd International Conference – Mexico City, Mexico, 2011
32nd International Conference – Jerusalem, Israel, 2010
31st International Conference – Madrid, Spain, 2009
30th International Conference – Strasbourg, France, 2008
29th International Conference – Montreal, Canada, 2007
28th International Conference – London, United Kingdom, 2006
27th International Conference – Montreux, Switzerland, 2005
26th International Conference – Wroclaw, Poland, 2004
25th International Conference – Sydney, Australia, 2003
24th International Conference – Cardiff, United Kingdom, 2002
23rd International Conference – Paris, France, 2001
22nd International Conference – Venice, Italy, 2000
21st International Conference – Hong Kong, China, 1999
20th International Conference – Santiago de Compostella, Spain, 1998
19th International Conference – Brussels, Belgium, 1997
18th International Conference – Ottawa, Canada, 1996
17th International Conference – Copenhagen, Denmark, 1995
16th International Conference – The Hague, Netherlands, 1994
15th International Conference – Manchester, United Kingdom, 1993
14th International Conference – Sydney, Australia, 1992
13th International Conference – Strasbourg, France, 1991
12th International Conference – Paris, France, 1990
11th International Conference – Berlin, F.R.Germany, 1989
10th International Conference – Oslo, Norway, 1988
9th International Conference – Quebec, Canada, 1987
8th International Conference – Lisbon, Portugal, 1986
7th International Conference – Luxembourg, 1985
6th International Conference – Vienna, Austria, 1984
5th International Conference – Stockholm, Sweden, 1983
4th International Conference – London, United Kingdom, 1982
3rd International Conference – Paris, France, 1981
2nd International Conference – Ottawa, Canada, 1980
1st International Conference – Bonn, F.R.Germany, 1979