Charles Helleputte heads up the EU Data Privacy, Cybersecurity & Digital Assets Practice. Charles focuses on existing EU and national privacy, cybersecurity and data topics, covering a wide range of existing or upcoming regulatory frameworks and laws, such as the GDPR, NIS2 Directive, the EU AI Act, eIDAS, etc.).

Charles has specific experience preparing and managing incidents in a cross-border context, where it is necessary to consider multiple cybersecurity, privacy and other regulatory and enforcement frameworks (such as NIS, PSD2, CTR, etc.). He provides practical and pragmatic advice to clients faced with increased accountability requirements towards users (including in the AI space), helping organisations testing new responses, such as broader use of standards or certification mechanisms across the data life cycle in a wide range of industries (regulated and not regulated). He is also experienced in representing clients before national and EU supervisory authorities and courts, including the Working Party No. 29 (now the European Data Protection Board (EDPB)).

Charles holds a Certified Information Privacy Professional/Europe (CIPP/E) certification. He is a former co-chair of the Brussels KnowledgeNet Chapter of the International Association of Privacy Professionals (IAPP) and an appointed legal expert at the EU Cybersecurity Agency (ENISA). He is a member of the IAPP EU Advisory Board and designated on the expert list for the EDPB. He plays an active role in the Digital Economy Committee at AmCham EU, which represents interests of US businesses in Europe. He also lectures at UCLouvain and is a founding member of the research group Data, Robotics, Artificial Intelligence, Law and Society (DRAILS).