Teodora Pimpireva

The "GDPR-first" strategy is no longer a safety net—it’s a baseline that often fails when it hits local realities. From the draconian biometric requirements of Illinois (BIPA) to the high-stakes world of age verification and minor-specific protections, global data stewardship is now a game of managing contradictions. This session moves past the theory of data transfers to the practical reality of running a global platform with limited resources. We will explore how to build a resilient governance architecture that survives localized crackdowns without paralysing your product roadmap.

• The Biometric Trap & Age Gates: Navigating ID verification and minor-specific safety standards (BIPA, UK Children’s Code, and beyond)
• The Resource Gap: How to prioritize "Localised Risk" vs. "Global Norms" when you don't have a 100-person regulatory resilience team
• Engineering Trust into the Flow: Practical strategies for aligning identity verification and content safety with evolving "dark pattern" user protection laws