Bridge Summit 2026 Session-by-Session Recap
With over 2,400 privacy professionals joining this year, Bridge Summit 2026 was clearly our biggest and most engaging Bridge yet! Bridge 2026 focused on how the privacy world is innovating in response to the latest pressures from global regulation and generative AI.
In the opening keynote, Executive Director of CalPrivacy, Tom Kemp, revealed that CalPrivacy has over 100 active investigations stemming from website and app audits conducted by their team of technologists and PhDs, as well as over 10,000 consumer complaints.
In the day 2 keynote, noyb Chairperson, Max Schrems, broke down the proposed GDPR changes in the new EU Digital Omnibus and argued that article 88C relies on “unicorn safeguards” to protect personal data used for AI training because the “appropriate safeguards” mentioned in the proposal aren’t defined and don’t exist today.
Bridge 2026 consisted of 15 sessions across four tracks: Privacy Innovation, Regulation & Enforcement, AI Governance, and Privacy Program Design. The sessions included fireside chats, presentations, and panels from a total of 30 speakers, covering topics such as web and app privacy governance, CIPA litigation, and AI regulation.
If you missed it, or just want to revisit the biggest takeaways, we’ve got you covered. Here’s a recap of all 15 sessions with links to watch or listen to the recording.
Opening Keynote: The State of CalPrivacy: Clarifying Regulation and Enforcement in 2026
Get clarity on California privacy regulation and enforcement in 2026 through a fireside chat with CalPrivacy Executive Director Tom Kemp and privacy attorney Daniel Goldberg (Chair, Data Strategy & Privacy). This keynote covered major areas shaping enforcement expectations, including the Delete Act and the DROP system, risk assessments, automated decision-making, and cybersecurity audits.
Attendees heard directly how enforcement is carried out and what CalPrivacy’s top priorities are for 2026.
Day 2 Keynote: How the EU Digital Omnibus Could Re-Write Privacy and AI Law
On November 19, 2025, the European Commission published its Digital Omnibus Package proposing updates to key pillars of the EU’s GDPR, AI Act, and Data Act. In this session, Max Schrems (noyb Chairperson) and Robert Bateman (Senior Partner, Privacy Partnership) broke down the largest potential changes to the European data regulatory framework in years.
Get updates on the current regulatory process and understand how the most critical proposed changes could affect privacy practices and enforcement as these developments unfold.
Privado AI Keynote: Next in Privacy Innovation: AI Agents that Make Governance Scalable
AI has dramatically accelerated innovation across organizations, and privacy teams need their own AI agents to keep pace. Privado AI co-founders Vaibhav Antil and Prashant Mahajan shared how agents can unlock new automation for privacy assessments, data maps, and risk discovery.
Learn how agents can initiate, populate, and help review assessments, unite data across sources to build more complete data maps, and automate risk analysis and alerts aligned to your policies and principles.
The State of Colorado Privacy: GPC, Cross-State Enforcement, and New Restrictions
Watch a fireside chat with Assistant Colorado Attorney General Andrea Lowe and privacy attorney Daniel Rosenzweig (Principal Attorney, DBR Tech Law) on Colorado’s new privacy restrictions and the shift toward cross-state enforcement collaboration.
This session covered Colorado’s recent amendments, participation in cross-state GPC investigative efforts, and how organizations can reduce enforcement risk in light of evolving state coordination.
Preparing for New US Privacy Laws
2026 will bring another round of new and amended state privacy laws. Tyler Bridegan (Partner, Womble Bond Dickinson LLP) and David Stauss (Partner, Troutman Pepper Locke LLP) walked through critical requirements organizations need to prepare for, including when privacy assessments are required, how sensitive data processing is restricted, and what changes to make to privacy notices.
Hear how these laws compare with other state approaches and get best practices for reducing enforcement risk.
Protecting Against CIPA Lawsuits: Latest Trends and Best Practices
CIPA lawsuits continue to surge, and court interpretations keep evolving. Matthew Pearson (Partner, Frankfurt Kurnit) shared the latest litigation trends and unpacked how privacy teams can reduce exposure.
Get practical guidance on minimizing CIPA litigation risk based on recent case developments and common patterns behind claims.
Governing Third-Party AI: Assessments, Contracts, and Ongoing Assurance
AI is now embedded in nearly all B2B software, creating new challenges for privacy and governance teams. Linna Hsii (Senior Counsel, Airbnb), Nik Fuller (CEO, FLLR Consulting), and Jen Luther (Head of Product, Privacy, & Policy Legal, Superhuman) discussed best practices for due diligence, contractual safeguards, and continuous monitoring when adopting third-party AI tools.
Hear how leaders govern foundational AI models, new AI capabilities from existing vendors, and emerging AI tools while maintaining control of risk.
Managing Risk in AI Products: How to Promote Responsible Innovation
As organizations race to build AI into products and internal tools, governance leaders must protect personal data while enabling innovation. Nishant Bhajaria (Data Privacy Author and Executive), Seth Schreiberg (Head of Privacy and Product Legal, Ancestry), Steven Robinson (Senior Privacy Legal Executive, Ex-Ricoh USA CPO & AGC), and Diane Lu (Senior Counsel, SoftBank) shared practical frameworks for embedding responsible AI practices throughout the product lifecycle.
Learn approaches for balancing speed-to-market with strong risk controls and regulatory readiness.
AI Regulation Update: Getting Ahead of New US State Laws
The US AI regulatory landscape is evolving rapidly. Matthew Ferraro (Partner, Crowell and Moring) and Jonathan Tam (Partner, Baker McKenzie) broke down the most critical obligations emerging from new state laws, including algorithmic impact assessments, disclosure requirements, and related governance mandates.
Get practical guidance on identifying what applies to your systems, prioritizing compliance work, and building governance programs that can adapt as more states introduce legislation.
Building Continuous Web and App Privacy Governance
The most visible privacy risks live on websites and mobile apps, yet many organizations lack consistent governance across these surfaces. In this session, Jodi Daniels (CEO, Red Clover Advisors) and Crystal Ferguson (Senior Manager Data Privacy, Virgin Voyages) shared how governance programs are built in practice, and Chris Hoponick (Enterprise Sales Director, Privado) showed how Privado AI continuous scanning can automate privacy audits in a live product demo.
Privado AI Agentic Assessments: Eliminate Manual Work and Reduce Risk
The manual effort involved in privacy assessments can now be dramatically reduced with agents that analyze and take action. In this session, Vaibhav Antil (CEO, Privado AI) showed how teams use Privado AI’s Agentic Assessments to populate assessments by importing documents and contracts, then letting agents extract processing details, conduct risk analysis, and document evidence.
Hear customer use cases and see a live demo of assessment automation in action.
Customer Spotlight: How HP Scaled Data Mapping and Risk Mitigation with Privado AI
HP operates at global scale, requiring privacy visibility and controls that keep pace. Carl Mathis (Principal Privacy Architect, HP) shared how HP uses Privado AI to monitor personal data processing in real time and proactively mitigate privacy risk.
Learn what challenges HP faced and how dynamic data maps and privacy code scanning support scalable risk management.
Real-Time Data Mapping with Privado AI Agents and Software Scanning
Questionnaire-based data mapping is often slow, imprecise, and incomplete. Ben Werner (Product Marketing Lead, Privado AI) demonstrated how teams map real-time data flows by scanning internal software code and third-party tools, then use agents to extract processing details from documentation and contracts to fill gaps.
See how teams can prefill RoPAs with more accurate data processing and contractual information.
Developing Responsive Privacy Programs and Driving Impact
Privacy teams face shifting priorities, expanding responsibilities, and complex regulatory change. Beatrice Botti (Chief Privacy Officer, DoubleVerify), Rachel Wallis (Membership Director, The Data Privacy Board), and Gina Nese (VP Associate GC, Compliance & Privacy Officer, Align Technologies) shared real-life examples of designing privacy programs that stay responsive under pressure.
Get best practices on prioritization, cross-functional alignment, and metrics that help teams drive measurable impact.
Privacy Career Growth Planning and Best Practices
There is no single clear path to career growth in privacy. Jared Coseglia (Founder & CEO, TruLegal) and Hershel Eisenberger (Head of Global Privacy, The Coca-Cola Company) shared market-backed guidance on the skills with the most leverage, what hiring managers are prioritizing, and how leaders can attract and retain talent in the modern era of privacy and AI.
Get practical career and staffing insights tailored to privacy professionals.
Industry insights you won’t delete. Delivered to your inbox.
Get regular updates from Privado AI
Request free website audit
Request Privado AI demo
