European Privacy Association

The European Privacy Association (EPA) is a Brussels-based lobbying group, founded in 2009. Its stated goal is "to enhance data protection and Internet freedom as fundamental principles of democracy." , Karin Riis-Jørgensen is chairwoman of the EPA. Former EP member Pat Cox is among its founders.

EU lobbying watchdog Corporate Europe Observatory (CEO) has asserted that EPA "is working to represent industry interests in the debate on data protection in Europe" and "to promote industry-friendly legislation" as a front group for the IT industry. It has been called an example of an astroturfing organisation that "disguises as an independent thinktank". EPA's Policy and Scientific Committee director, Paolo Balboni, has denied the astroturfing allegation in a letter to the editor of the Financial Times.

In 2013, CEO filed a complaint against EPA because the association had not listed any corporate sponsors in the EU Transparency Register, claiming that it had only ten natural persons as members; EPA then admitted that Microsoft, Google and Yahoo are among its members. According to EPA, the Transparency Register closed the case in June 2013. The organisation changed its status in the Transparency Register from "Think-tank" to the "Trade, business & professional associations", because a think-tank is not allowed to have corporate members.

Research
EPA members have published a number of scientific papers in international law journals.

Privacy by Design & Anonymisation Techniques in Action: Case Study of Ma3tch Technology Balboni, P. & Macenaite, M. (2013) Privacy by design and anonymisation techniques in action: case study of Ma3tch technology, Computer Law & Security Review: The International Journal of Technology Law and Practice 29 (2013), pp. 330–340.

Law Enforcement Agencies (LEAs) Activities in the Cloud Environment: A European Legal Perspective. Balboni, P., & Pelino, E. (2013). Law enforcement agencies' activities in the cloud environment: a European legal perspective. Information & Communications Technology Law, 22(2), 165-‐190. doi: 10.1080/13600834.2013.821812

Legitimate Interest of the Data Controller New Data Protection Paradigm Legitimacy Grounded on Appropriate Protection* Paolo Balboni; Daniel Cooper; Rosario Imperiali; Milda Macenaite. International Data Privacy Law 2013; doi: 10.1093/idpl/ipt019