At the moment of writing this foreword – July 2016 – the reform process of the European data protection law, which was officially launched at the end of January 2012, has formally been completed. The European Parliament adopted the General Data Protection Regulation (now known as Regulation 2016/679). A milestone has been reached on 27 April 2016. The Regulation will apply on 25 May 2018. This does not mean that the debate is over and all is clear. We have now entered a period in which many details need to be sorted out. Conferences, workshops and seminars with titles, such as “The GDPR is now a reality. Are you prepared?”,1 are sprouting. The ninth International Conference on Computers, Privacy and Data Protection (CPDP 2016), like the four former editions, is held in the light or in the shadow of an ongoing reform process, with still quite some uncertainties as to its outcomes. The book you have opened is one of the products of the ninth edition of the annual Brussels-based International Conference on Computers, Privacy and Data Protection (CPDP 2016), which took place on 27, 28 and 29 January 2016, again in the famous Les Halles, in Schaerbeek, at the heart of Brussels.