Agenda

Explore the Future of Privacy-Focused Digital Advertising. Join us for in-depth discussions and actionable insights that will shape the future of the industry.

Day One: Wednesday, 05.21.2025

May 21st will be a half-day day kicking off the 2025 NAI Summit featuring in-depth conversations.

*The order of listed panels does not reflect the final schedule. Exact session times will be updated in the coming weeks. The program is subject to change.

  • For 25 years, NAI members have set the bar for responsible data use in digital advertising – building trust, advancing privacy standards, and proving that strong data protection isn’t just compliance, but smart business. As the industry faces mounting regulations and rising consumer expectations, the companies that treat privacy as a strategic asset – not just a legal requirement – will have the edge.

    This panel will cut through the noise to reveal how privacy-forward strategies can drive better business outcomes. You’ll hear from industry leaders on how to transform privacy from a compliance necessity into a revenue multiplier, leveraging privacy-enhancing technologies and airtight data practices to strengthen customer relationships and avoid the pitfalls of data leakage. Attendees will leave with actionable insights to differentiate their businesses, protect their data’s value, and make privacy a core part of their competitive advantage – while also reinforcing their role as trusted NAI members shaping the future of responsible advertising.

    Speakers:

  • There is broad consensus in both policymaking and enforcement of existing laws on the need to balance important goals of limiting privacy harms and maximizing competition benefits. But this hasn’t proved easy in practice. This panel will examine privacy and competition outcomes (realized and expected) from recent enforcement actions, as well as assess how to advance policies that can more effectively balance these key priorities. Attendees will learn:

    • What is the latest with various state and federal competition enforcement actions, particularly with respect to their potential impact on digital advertising industry

    • What is the trajectory of Trump administration policies driving future enforcement

    • What is in the pipeline re: new legislation seeking to balance these important priorities

    Speakers:

    • Alan Chapell, Outside Counsel Privacy Adviser @ Eyeota

    • Mark Hamer, Deputy Assistant Attorney General @ Department of Justice

  • With consumers interacting with so many different businesses online, laws in some states seek to address challenges consumers may face in exercising their rights at scale by requiring businesses to honor certain consumer privacy requests submitted not just by consumers themselves, but also by “authorized agents” designated by consumers to act on their behalf.

    In practice, however, the exercise of consumer rights by authorized agents has been rife with challenges. On the one hand, some authorized agent providers are overpromising what they can do for consumers and or failing to make clear what consumers’ privacy rights are; and on the other, some businesses receiving request from authorized agents are challenged to respond to high volumes of requests by properly verifying them and responsibly processing excessive consumer personal information that may be included by authorized agents in the requests. A lack of clear standards in the authorized agent space is contributing to these problems. So where can we go from here? In this panel, Summit attendees will learn:

    • How (and whether) different state privacy laws empower authorized agents to act on behalf of consumers;

    • How authorized agent providers present their services to consumers and how they are structuring requests to businesses;

    • The challenges ad-tech companies face in processing and responding to authorized agent requests that lack standardization and include excessive consumer personal information;

    • What prospects exist for improving authorized agent services, both from the consumer perspective and to improve efficiency in business responses.

    Speakers:

  • Hear from Michael Macko, Deputy Director for Enforcement, CPPA

    Speakers:

    • Michael Macko, Deputy Director for Enforcement @ California Privacy Protection Agency

    • Tony Ficarrotta, Vice President & General Counsel @ The NAI

Day Two: Thursday, 05.22.2025

May 22nd will be a full day of insights from expert speakers

*The order of listed panels does not reflect the final schedule. Exact session times will be updated in the coming weeks. The program is subject to change.

  • After 25 years of thought leadership on privacy and data collection, the NAI is ushering in a new era of self-regulation. With the launch of a new set of privacy principles and a foundational self-regulatory framework that supersedes the legacy 2020 NAI Code of Conduct, the NAI is charting a new course that will set help companies ensure that they have processes and procedures in place to achieve compliance with the constantly evolving legal and regulatory environment. This session, which will feature NAI leadership, NAI members and attorneys who advise ad tech companies, will explore the Framework’s creation, its requirements, the challenges we hope to help solve, and how members can demonstrate compliance. The session will also focus on the future implications and evolution of the Framework and how they impact NAI members and the industry.

  • Despite a recent focus on data minimization in multiple new state and proposed federal laws, consumer privacy in the U.S. continues to rely largely on a notice-and-choice architecture. But there are, increasingly, competing approaches to providing choices to consumers online. These competing approaches have evolved from voluntary industry opt-out tools; to site-by-site opt-out links mandated by state laws, to global browser or device level settings. This leads to questions about how to navigate these different approaches to get choice right for consumers. In other words – how can we simplify choices for consumers and facilitate business compliance without confusing and frustrating consumers with multiple, dissonant privacy choices? In this panel we will discuss:

    • The role of centralized third-party opt-out tools managed by industry self-regulatory groups;

    • How GPC is faring with respect to state legal requirements and market uptake; including how direct, business-specific consent choices align with global opt-out preferences set by consumers; 

    • The status of the California Privacy Protection Agency’s proposed “DROP” (Delete Request and Opt-Out Platform) for data brokers;

    • GPP adoption and implementation;

    • Visions for a successful notice and choice framework as these different approaches evolve.

    Speakers:

  • Consumer privacy legislation continues to evolve across state legislatures every year, resulting in significant divergence across key provisions related to digital advertising. Meanwhile, the U.S. Congress hit the reset button on a national privacy law in 2025. This session will explore the latest key trends across the state and federal legislative landscape, along with a look forward into the proposals that are blazing a new path in U.S. privacy law, as well as the implications for the digital advertising industry. Attendees will learn:

    • What are the most challenging provisions across new state laws;

    • What does the federal privacy legislative landscape look like, and how might it impact the existing state patchwork;

    • What approaches the NAI and digital advertising businesses should be promoting.

    Speakers:

  • Aggressive privacy enforcement in the U.S. has continued apace through 2024 and into 2025.  This has included new activity from now-mainstay regulators like the California Privacy Protection Agency and the Federal Trade Commission; but now also includes new states whose privacy laws have come online for the first time. But across jurisdictions, privacy enforcement has continued to focus on ad-tech and associated data flows. This session will feature expert privacy attorneys who represent ad-tech companies across the table from regulators, and provide an on-the-ground perspective on the most important regulatory trends impacting digital advertising companies at the state and federal level. Attendees will learn:

    • Updates on activity from different regulators, including FTC, CPPA, and state AGs; as well as 

    • Specific areas of focus across jurisdictions, including enforcement activity related to:

      • Data brokers

      • The use of sensitive data (including health and location-related data) for audience segmentation, and regulator reception of methods to decrease risk like de-identification and rendering data non-sensitive

      • Consumer choice mechanisms, including how companies are obtaining (or failing to obtain) consent.

    • What to expect for the remainder of 2025, both from new states beginning to enforce their privacy laws as well as an FTC under new leadership.

    Speakers:

    • Ken Dreifach, Partner @ ZwillGen

    • Daniel Goldberg, Partner @ Frankfurt Kurnit

    • Jessica Lee, Chief Privacy & Security Partner; Chair, Privacy, Security & Data Innovations @ Loeb&Loeb

    • Tracy Shapiro, Partner, Privacy & Cybersecurity @ Wilson Sonsini Goodrich & Rosati

  • U.S.-based ad-tech providers have spent recent years getting up to speed on new consumer privacy requirements, including new consumer rights to opt out of “sales,” to request data deletion, and the need for consent before processing “sensitive” personal data. However, unlike their European counterparts, U.S.-based ad-tech companies have not had to contend with compliance requirements for cross-border data flows such as adequacy decisions, standard contractual clauses, or the like.  

    However, the passage of the Protect Americans’ Data From Foreign Adversaries Act (PADFAA) and the finalization of the DOJ’s rule banning bulk sales of U.S. sensitive personal data to countries of concern have upended the status quo.  In this session, attendees will learn about:

    • The policy considerations motivating new restrictions on cross-border data transfers;

    • How PADFAA and the DOJ rule are expected to apply to common ad-tech data flows;

    • Compliance considerations for preventing transfers of U.S. personal data to entities controlled by "countries of concern”and for managing other regulated data flows; and

    • Outlook for enforcement and further guidance from DOJ and FTC.

    Speakers:

    • Chris Hoofnagle, Faculty Director & Professor of Law in Residence @ Berkeley Center for Law & Technology

    • Sam Castic, Partner @ Hintze Law

    • Ghita Harris-Newton, Senior Director, Government Affairs & Public Policy, Ads @ Google

    • tbd

  • Hear from the Head of the Federal Trade Commission.

  • There have been ongoing efforts for years to standardize and drive adoption of more private advertising standards by leveraging technologies and standards including clean rooms, TEEs (Trusted Execution Environments), Privacy Sandbox standards, etc.  But where are the fruits of those labors? On this panel, we’ll hear from companies that are actively implementing these methods to get a snapshot into what problems, how widely they’re being adopted, and whether they are driving business results. Attendees will learn:

    • What privacy-enhancing methods and standards are gaining traction?

    • What privacy benefits are being realized today?

    • How effective are these methods compared to status quo?

    • Hopes and plans for the future of these methods

    Speakers: