Use our global calendar of privacy events to locate an event near you.
The year 2019 may be a turning point for data privacy law. Privacy law in the United States is famously a hole-ridden patchwork of state laws, sectoral legislation, and consumer protection. Whether in response to the European Union’s General Data Protection Regulation or to California’s enactment of its Consumer Privacy Act, over this past year state and federal legislators have been proposing new data privacy laws at an energetic rate.
How will we govern the technology of the near future? Will the United States join the rest of the world in recognizing data privacy rights or will it take its own approach? Will these choices even matter in practice, given the long reach of both EU and California law?
This conference will bring together academics, practitioners, technologists, and regulators to discuss the near future of U.S. data privacy law. Specifically, we will explore municipal bans on surveillance technology, new state privacy laws, the future role of the Federal Trade Commission, and proposed federal legislation.
Those who cannot attend the event in person may also register for the free livestream.
The aim of the conference is to explore the practical implementation of EU data protection rules within the law enforcement sector and highlight some of the practical challenges that data protection experts face in light of developments in policing, society as a whole and a rapidly changing criminal environment.
The conference is organised by the Danish National Police and ERA in cooperation with Europol’s Data Protection Experts Network (EDEN) and will bring together internationally renowned practitioners from law enforcement and security authorities with privacy experts, academics and civil society representatives.
- Data-sharing, GDPR and the police: how to fight crime in the age of GDPR?
- Passenger Name Record (PNR) data
- “Data protection by design” through legislation?
- Policing in the age of artificial intelligence (AI), open source intelligence (OSINT) and the Internet of Things: proportionality in an age of data abundance
Who should attend?
Law enforcement officials, data protection officers, members of Europol’s Data Protection Experts Network (EDEN), representatives of national data protection authorities, academics.
The Future of the COPPA Rule: An FTC Workshop will examine whether to update the COPPA Rule in light of evolving business practices in the online children’s marketplace, including the increased use of Internet of Things devices, social media, educational technology, and general audience platforms hosting third-party child-directed content. The COPPA Rule, which was enacted in 2000 and updated in 2013, requires certain Web site operators to obtain parental consent before collecting, using, or disclosing personal information from children under 13. Workshop topics will include:
- How the development of new technologies or business models, the evolving nature of privacy harms, and changes in the way parents and children use websites and online services, affect children’s privacy today;
- How the Rule should address parental consent for education technology vendors that collect personal information consented to by schools, following on discussions that occurred during the FTC’s Student Privacy and Ed Tech workshop in December 2017;
- Whether the Rule should include a specific exception to parental consent for audio files containing a child’s voice that website operators collect and then promptly delete;
- Whether the Rule should permit general audience platforms to rebut the presumption that all users of child-directed content are children, and if so, under what circumstances;
- Whether the revisions to the Rule made in 2013 have worked as intended or require modification; and
- Whether the Rule should be amended to better address websites and online services that do not include traditionally child-oriented activities, but that have large numbers of child users.
For a more detailed list of topics, see the Commission’s request for public comment on the COPPA Rule
The 2-day workshop will introduce you to the EuroPriSe certification scheme: You will learn about EuroPriSe criteria and procedures and train how to specify a target of evaluation (ToE) and to apply the certification criteria in the field. In addition, you will start to work on an exercise to be completed after the workshop, which is one important precondition for being admitted as a EuroPriSe Expert.
The workshop is a combination of classroom and group work and involves practical examples. You will deal with privacy use cases to apply what you have learned and to benefit from the professional exchange with other workshop participants.
Enjoy meeting other privacy professionals from around the globe and expand your professional network!
The 1st Edition of the international conference on FNSSA is organized by the Agro-Food Industries Alliance (funded by Academy of Scientific Research and Technology in Egypt), World Food Program, the Arab Academy for Science, Technology and Maritime Transport (AASTMT, Alexandria), Alexandria University, Egypt, and IEREK – International Experts for Research Enrichment and Knowledge Exchange in collaboration with Springer as a publishing partner.
To take place in Cairo from 1 to 3 December of 2019, the conference will be an opportunity to present and discuss the newest researches related to food, nutrition and sustainable agriculture as well as to shed light on their relationships with the industry. The scientific committee welcomes contributions from academics, researchers and interested participants.
In addition to other benefits, the California Consumer Privacy Act enhances privacy for individuals when data uses cannot be adequately served using consent alone. The CCPA provides incentives for companies to implement safeguards that reduce data privacy risk from even occurring in the first place. Under the CCPA, this can be accomplished by leveraging new technically enforced, risk-based deidentification controls.
Benefits of Non-Consent Processing (via DeIdentification)
Processing data under the CCPA’s deidentification requirements brings many benefits. They include:
For individuals and society:
+Consumer benefits from data processing that is not well supported via opt-in/consent requirements because of the complexity of processing and difficulty of explanation.
+Societal benefits from having more representative, non-discriminatory data to train accurate and representative artificial intelligence and machine learning models.
For data controllers and processors:
+Greater flexibility in complying with data subject requests to delete data.
+Enhanced ability to lawfully share and combine data with third parties.
+Requirements for Non-Consent Processing (via DeIdentification)
Processing protected personal information via CCPA deidentification exceptions requires that proper technical and organizational safeguards are in place.
Those requirements include:
+CCPA increases deidentification standards to a new “2020 De-ID Standard”
+The 2020 De-ID Standard under the CCPA now requires:
+Technical safeguards to prevent recipients of protected information from inadmissibly re-identifying individuals when used on a distributed, multi-party basis.
+Greater protection than otherwise required under laws that were enacted almost a quarter century ago, like the Health Insurance Portability and Accountability Act.
+Context-aware, risk-based management of re-identification risk.
+Protection against re-identification risk from data in the hands of third parties.
Dave Cohen, CIPP/E, CIPP/US, Knowledge Manager, IAPP
Deven McGraw, Chief Compliance Officer, Ciitizen (former healthcare privacy official at the Department of Health and Human Services)
Khaled El Emam, Professor, University of Ottawa/CHEO Research Institute
Gary LaFever, CEO, Anonos
Justin Antonipillai, CEO, WireWheel
Processing data under the EU General Data Protection Regulation’s legitimate-interest legal basis can bring many benefits, but to do so properly, the right technical and organizational safeguards must be in place. What are those benefits?
+Greater flexibility in complying with data subjects’ right to be forgotten requests.
+Flexibility in complying with claims to restrict the processing of personal data.
+Exemption from data subjects’ right of portability.
+The ability to claim that technical and organizational measures are in place in the context of automated decision making.
+All of which bring significant value to the organization. If that’s the case, then what are the technical and organizational safeguards that must be implemented to realize these benefits, and how can your organization put them in place? Join us for this privacy education web conference to learn about this and more.
You’ll hear from experts in the field about:
+How merely claiming to have a legitimate interest in the results of processing is not enough without having accountability controls to support data protection by design and default and transparency obligations.
+What types of technical/organizational safeguards help to satisfy the “Balancing on Interest” test to enable legitimate interest as a legal basis for processing under the GDPR.
+The benefits that greater/lawful data use bring when legitimate interest safeguards are implemented properly.
+The risks that exist when claiming legitimate interest as a legal basis without having the proper safeguards in place.
Dave Cohen, CIPP/E, CIPP/US, Knowledge Manager, IAPP
Ailidh Callander, Legal Officer, Privacy International
Gary LaFever, CEO, Anonos
Rocco Panetta, CIPP/E, Managing Partner, Panetta & Associati
Hear from the IAPP, ICO, IAF, Anonos and Acxiom on the following:
For those at the crossroads of trying to balance data value and privacy, this web conference teaches the fundamentals of EU General Data Protection Regulation-recommended pseudonymization and how it helps organizations to maximize data utility while increasing accountability, ethics and transparency.
Data drives commerce. It opens up opportunities for businesses to build on a global scale. But those opportunities have brought challenges in data innovation and utility, risk and the privacy of individuals. To date, commerce has experimented with consent to manage these risk and privacy challenges. But consent alone no longer works in many situations; we need to go above and beyond consent by itself. This webinar will look at a complement to consent, a technological application that is a “belt and braces” approach to balancing privacy and data value when consent does not work. Panelists will discuss how to fully maximize data value while maintaining privacy, through the use of GDPR-recommended pseudonymization safeguards, to achieve ethical data use, while maximizing data utility.
Join us for this data privacy education web conference to learn about this and more. You’ll hear from experts in the field about:
+What is the 5th Cookie working group (www.5thCookie.com), and what does it hope to achieve?
+How does the 5th Cookie approach leverage GDPR-recommended pseudonymization?
+How does it enable ethical advertising technology/real-time bidding?
+How to apply GDPR-recommended pseudonymization to other data uses (non-adtech/RTB)?
+What are the benefits of leveraging pseudonymization to enforce risk-based data governance policies?
+What do you gain when you can resolve conflicts between maximizing data value and protecting privacy?
+Paul Comerford, Principal Technology Policy Advisor, ICO UK Data Protection Authority
+Martin Abrams, Executive Director and Chief Strategist, International Accountability Foundation
+Gary LaFever, CEO, Anonos
+Dr. Sachiko Scheuing, CIPP/E, European Privacy Officer and Data Protection Officer, Acxiom
You’re an industry expert with knowledge to share. Showcase your industry expertise with our community February 24 – 28 in San Francisco. Get recognition from industry colleagues and take advantage of unparalleled networking opportunities with other cyber security and risk management professionals, industry authorities, and thought leaders from around the world.
Call for Speakers for Full Conference tracks and Learning Labs closes:
Friday, August 2 (11:59 PM Pacific Time).
Call for Speakers for Hackers & Threats tracks and RSAC Sandbox, closes:
Friday, August 16 (11:59 PM Pacific Time).
Complying with GDPR, CCPA and emerging state laws requires a good technical and business understanding of ad tech in order to assess relationships with a wide range of partners.
For a deeper dive into the nuts and bolts of ad tech, please join us on Wednesday, April 8th, from 10am – 12pm Eastern Time for a training on data collection methods and business models for tracking, analytics, and advertising. Topics will include: basic ad delivery and reporting, online and mobile platforms and data flows, real-time bidding (RTB), and analytics as well as an overview of the current discussions on the future of ad tech.
Participants will gain an understanding of:
- How browsers work and why default browser settings matter when performing a cookie audit of a website.
- How online advertising works, including the intricacies of real-time bidding and the interplay between the various participants in the ad-ecosystem.
- An overview of the ideas being discussed in response to the phasing out of support for third-party cookies and the working groups and standards efforts to follow to track the post-cookie discussions.
Expert Speakers Include:
- Christy Harris, Director of Technology & Privacy Research, Future of Privacy Forum
- Dr. Rob van Eijk, Managing Director, Europe, Future of Privacy Forum
Please register as soon as possible, as space is limited.
This event will ONLY be live-streamed for remote participation and will be recorded.