Use our global calendar of privacy events to locate an event near you.
Recent congressional hearings and data breaches have prompted legislators, advocacy groups, and business leaders to call for broad federal privacy legislation. Furthermore, congressional leaders in both parties have expressed an interest in taking up privacy legislation and various Members of Congress have released drafts of bills intended to spark discussion. As Congress returns to session in September, legislators will face continuing questions about how to develop federal legislation to protect personal information.
On September 11, the Center for Technology Innovation at Brookings will host a public discussion on the status of federal privacy legislation. This event, part of Brookings’ ongoing focus on the privacy debate, will examine expected legislation through the eyes of keynote speakers and two expert panels. The first panel, which will be a live taping of the Lawfare Podcast, will look through the broad lens of competing visions of what legislation should accomplish and the impact on businesses and individuals. The second panel will delve into specific issues presented by proposals for legislation, the path forward to passage, and the prospects.
Following the discussion, each panel will take questions from the audience.
As Congress currently works toward a national data privacy law, how will existing and emerging innovations be impacted, including connected devices, applications, and the cloud? What will be the effects of stronger transparency and disclosure requirements on consumer-facing technologies and companies? What will privacy compliance look like for companies who offer online or cloud-based products and services? How can we protect consumer rights in the emerging world of around-the-clock digital connections?
On September 16, the Center for Technology Innovation at Brookings will host a public discussion on how federal legislation should account for a variety of nuanced verticals, including health care, commerce, and education. Panelists will discuss how pending legislation should allow for innovation, while still ensuring greater consumer transparency. The event will also examine the context and application of any new data law and its effect on various online, behavioral activities managed by consumers.
Following the discussion, the panel will take questions from the audience.
The aim of the conference is to explore the practical implementation of EU data protection rules within the law enforcement sector and highlight some of the practical challenges that data protection experts face in light of developments in policing, society as a whole and a rapidly changing criminal environment.
The conference is organised by the Danish National Police and ERA in cooperation with Europol’s Data Protection Experts Network (EDEN) and will bring together internationally renowned practitioners from law enforcement and security authorities with privacy experts, academics and civil society representatives.
- Data-sharing, GDPR and the police: how to fight crime in the age of GDPR?
- Passenger Name Record (PNR) data
- “Data protection by design” through legislation?
- Policing in the age of artificial intelligence (AI), open source intelligence (OSINT) and the Internet of Things: proportionality in an age of data abundance
Who should attend?
Law enforcement officials, data protection officers, members of Europol’s Data Protection Experts Network (EDEN), representatives of national data protection authorities, academics.
Certification Training September 22-23
Workshops September 23
Conference September 24-25
About the Workshop
Over the past decades, a multitude of security and privacy enhancing technologies has been developed and brought to considerable maturity. However, the design and engineering of such technologies often ignores the organizational context that respective technologies are to be applied in. This workshop aims to bring together engineering and organizational/behavioral scientists active in the field of security and privacy in order to facilitate a better match between those – so far – largely disconnected perspectives. It’s explicit goal is to pave the way for technical security and privacy mechanisms and systems that match organizational needs and givens better than current ones.
Call for Papers
Over the past decades, a multitude of security and privacy enhancing technologies has been developed and brought to considerable maturity. However, the design and engineering of such technologies often ignores the organizational context that respective technologies are to be applied in. A large and hierarchical organization, for example, calls for significantly different security and privacy practices and respective technologies than an agile, small startup. Similarly, whenever employees’ behavior plays a significant role for the ultimate level of security and privacy provided, their individual interests and incentives as well as typical behavioral patterns must be taken into account and materialized in concrete technical solutions and practices. Even though research on security- and privacy-related technologies increasingly takes into account questions of practical applicability in realistic scenarios, respective approaches are typically still rooted in the technical domain alone, motivated by technical givens and constraints from the practice.
On the other hand, a substantial body of organization-related security and privacy research already exists, incorporating aspects like decision and governance structures, individual interests and incentives of employees, organizational roles and procedures, organizational as well as national culture, or business models and organizational goals. Nonetheless, these research activities are only seldomly translated into concrete technical mechanisms, frameworks, and systems.
This disconnection between rather technical and rather organization-related security and privacy research leaves substantial room for improving the fit between concrete technologies on the one and organizational practices on the other hand. Achieving a better fit between these two sides through security and privacy technologies that soundly incorporate organizational and behavioral theories and practices promises substantial benefits for organizations and data subjects, engineers, policy makers, and society as a whole.
The aim of this workshop is therefore to discuss, exchange, and develop ideas and questions regarding the design and engineering of technical security and privacy mechanisms with particular reference to organizational contexts. We invite papers from researchers and practitioners working in security- and privacy-related systems engineering as well as in the field of organizational science to submit their original papers to this workshop. Topics of interest include, but are not limited to:
- Security and privacy technologies consciously addressing different organizational structures
- Security and privacy technologies and individual behavior
- Security and privacy technologies and organizational / national cultures
- Security and privacy technologies for and in unusual organizational settings
- Engineering methods, frameworks, and assessment approaches for addressing the above subjects in novel ways
We particularly welcome papers explicitly translating findings and insights from organizational and behavioral theory into the concrete design and engineering of technical security and privacy mechanisms as well as papers evaluating, assessing, or scrutinizing existing security and privacy technologies against actual organizational and behavioral theories and/or givens from the practice. Papers without relation to concrete technologies are, however, not excluded in general.
Types of Papers
Besides regular (max. 16 pages) and short (max. 8 pages) papers, we also invite practical demonstrations, intermediate reports, and mini-tutorials on respective technologies currently under development. Such contributions should be consciously tailored to inspire more in-depth discussions. Submissions falling under this category should describe the proposed contribution to the workshop in no more than 4 pages and be explicitly marked as such during the submission process.
Accepted papers will be published in a joint LNCS proceedings together with two other ESORICS workshops. Additional publication opportunities for extended papers in a special issue of an Open Access Journal are discussed.
Authors of accepted papers must guarantee that their papers will be presented at the workshop. At least one author must register.
Submissions must be done via EasyChair at https://easychair.org/conferences/?conf=spose2019 (see also https://easychair.org/cfp/SPOSE2019). Submissions must be formatted according to the LNCS-Template.
Important dates (might be subject to change, depending on publication constraints)
- Submission deadline:
June 14, 2019extended to June 28, 2019 (23:59 CEST)
- Review deadline: July 19, 2019
- Notification to authors: July 26, 2019
- Camera-ready versions: August 16, 2019
- Workshop: September 26 or 27, 2019
Launched in 2016, AI Now’s annual Symposium brings together leading experts from industry, academia, civil society, and government to discuss the biggest challenges we face as AI moves further into our everyday lives.
The Symposium is free and open to the public and tickets will be made available this Summer through AI Now’s website.
For now, just take a minute to save the date on your calendar!
The Future of the COPPA Rule: An FTC Workshop will examine whether to update the COPPA Rule in light of evolving business practices in the online children’s marketplace, including the increased use of Internet of Things devices, social media, educational technology, and general audience platforms hosting third-party child-directed content. The COPPA Rule, which was enacted in 2000 and updated in 2013, requires certain Web site operators to obtain parental consent before collecting, using, or disclosing personal information from children under 13. Workshop topics will include:
- How the development of new technologies or business models, the evolving nature of privacy harms, and changes in the way parents and children use websites and online services, affect children’s privacy today;
- How the Rule should address parental consent for education technology vendors that collect personal information consented to by schools, following on discussions that occurred during the FTC’s Student Privacy and Ed Tech workshop in December 2017;
- Whether the Rule should include a specific exception to parental consent for audio files containing a child’s voice that website operators collect and then promptly delete;
- Whether the Rule should permit general audience platforms to rebut the presumption that all users of child-directed content are children, and if so, under what circumstances;
- Whether the revisions to the Rule made in 2013 have worked as intended or require modification; and
- Whether the Rule should be amended to better address websites and online services that do not include traditionally child-oriented activities, but that have large numbers of child users.
For a more detailed list of topics, see the Commission’s request for public comment on the COPPA Rule
The International Conference of Data Protection and Privacy Commissioners (ICDPPC) will hold its 41st annual meeting in Tirana, Albania in October 2019, announced John Edwards, Chair of the ICDPPC.
“The Conference has not previously met in the Western Balkans and we are delighted to have the opportunity to convene in Albania in two years’ time.
“As a Conference providing leadership at international level in data protection and privacy, it is appropriate to meet in a country that has transitioned to democracy and to learn from people who retain memories of the harshest communist dictatorship of Eastern Europe”, said Mr Edwards.
The event will be hosted by the Information and Data Protection Commissioner (IDP) of Albania.
The International Conference of Data Protection and Privacy Commissioners first met in 1979. It has been the premier global forum for data protection authorities for four decades. The Conference links 114 privacy and data protection authorities from across the globe.
The IDP is the independent data protection authority for Albania. It has been an accredited Conference member since 2010. More information on the IDP is available at www.idp.al.
The indicative dates of the 41st Conference are 10-13 October 2019, but these are subject to confirmation.
Selection of a host more than two years in advance has been a strategic goal for the Conference’s Executive Committee for some years, to enable hosts to have sufficient lead time to organize a major event. This has been achieved for the first time for the 2019 Conference, and is intended to become standard practice for future hosts.
- How can truth emerge in a deep-fake ridden marketplace of ideas?
- Are we ready for the looming challenges to national security, elections, privacy, and reputation?
- What role will technology, law, and norms play in addressing deep-fake destruction?
The Notre Dame Technology Ethics Center invites you to explore these questions and others during a series of panel discussions featuring leading academic, industry and policy experts.