Home

Deadline for submissions: Sunday 1 October 2018 (23:59 CET)

Notification to authors: Monday 3 December 2018

Submit papers to: https://easychair.org/account/signin.cgi?key=73289956.qcZYoOQbJbUJgoKs

The California Consumer Privacy Act (CCPA): An Introduction by its Author and Leading Technologists

In this webinar, you will learn:

• What the key provisions of the law mean to you and your customers:
  • “Right to Know”
  • “Right to Say No”
  • “Right to Have Data Kept Safe”
• How existing and forthcoming technologies make it possible to achieve the intent of the CCPA
• How to build a data privacy culture within your enterprise

Hosted by:

Alastair Mactaggart, Chairman, Californians for Consumer Privacy
Justin Antonipillai, Privacy Expert & CEO, WireWheel
John Ackerly, Security Expert & CEO, Virtru
Jocelyn Aqua, Principal, Regulatory Privacy & Cybersecurity, PwC

Webinar Summary:

• In celebration of Data Privacy Day, “an international effort to empower individuals and businesses to respect privacy, safeguard data and enable trust,” please join us in a webinar where we will discuss the California Consumer Privacy Act (CCPA), a landmark piece of legislation designed to increase consumer rights over personal information, establish that privacy is a human right, and set the minimum bar for national privacy regulations.
• This will be the first in a series of webinars to help educate consumers and businesses about the CCPA, how to get ready for it, and to understand that the CCPA will ultimately protect a fundamental human right, while still enabling and promoting innovation and the growth of small and medium-sized businesses and large enterprises.
• The CCPA is set to go into effect on January 1, 2020 and will help people regain ownership and control over their personal information while helping businesses establish trust by ensuring they safeguard people’s personal information.
• Alastair Mactaggart, the Californians for Consumer Privacy Chairman and a force behind the CCPA, along with Justin Antonipillai, the founder and CEO of WireWheel, and John Ackerly, the founder and CEO of Virtru, will discuss the key sections of the CCPA and how technologies, like those developed by WireWheel and Virtru, are making it possible for the CCPA to fully achieve its vision and goals.

FPF’s monthly Privacy Landscape call is scheduled for next Tuesday, Feb. 19, 2019 from 4pm-5pm ET.

The call will focus on state privacy legislation, with particular attention paid to the California Consumer Privacy Act and Senator Carlyle’s consumer privacy bill in Washington State. We expect a robust discussion and will set aside plenty of time for Q&A.

We are fortunate to be joined by Jim Halpert, Co-Chair of DLA Piper’s Global Data Protection, Privacy and Security Practice and Alex Alben, Washington State’s Chief Privacy Officer. Jim is a trusted voice in innumerable state privacy discussions. Alex has deep insight into the ongoing process re: the proposed Washington Privacy Act, including the just-published substitute bill.

Resources:
California Consumer Privacy Act – https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180AB375&search_keywords=California+Consumer+Privacy+Act+of+2018
Washington State consumer privacy bill – http://lawfilesext.leg.wa.gov/biennium/2019-20/Pdf/Bills/Senate%20Bills/5376.pdf
Dial-in info for US callers and commonly requested international numbers are below. If you need an additional country-specific dial-in, please let me know.

We look forward to hearing from everyone – it promises to be a great call!

Dial-in info:
US Dial-In: 1 (888) 545-0687
Passcode: 5784 622#

Belgium: 0800 389 15
France: 0805 102 857
Germany: 0800 222 2013
Ireland: 1800 936 220
Israel: 1809 212 583
Italy: 800 906 150
Netherlands: 0800 0200 273
Poland 0 0800 121 34 45
UK: 0808 238 9856

FPF’s monthly Privacy Landscape call is scheduled for NEXT TUESDAY, May 21, 2019 from 4pm-5pm ET.

FPF staff and Tanya Forsheit (Chair of Frankfurt Kurnit’s Privacy & Data Security Group) will provide an update and opportunity to discuss the status of proposed amendments to the California Consumer Privacy Act (CCPA).

We are also fortunate to be joined by Ashwin Machanavajjhala, (Associate Professor, Director of Graduate Studies, Department of Computer Science, Duke University). Prof. Machanavajjhala will describe and discuss his work regarding Ektelo: an open source framework for defining differentially private computation.

Please note: the presentation will be useful to privacy and compliance experts, but will be of particular interest to technical members of your organization’s team. Please invite interested technologists from your organization to join the call!

Resources:
Ektelo: A framework for defining deferentially private computation
Dial-in info for US callers and commonly requested international numbers are below. If you need an additional country-specific dial-in, please let me know.

We look forward to hearing from everyone – it promises to be a great call!

Dial-in info:
US Dial-In: 1 (888) 545-0687 or 1 (630) 691-2764
Passcode: 8180 550#

Belgium: 0800 389 15
France: 0805 102 857
Germany: 0800 222 2013
Ireland: 1800 936 220
Israel: 1809 212 583
Italy: 800 906 150
Netherlands: 0800 0200 273
Poland 0 0800 121 34 45
UK: 0808 238 9856

Each month, the Future of Privacy Forum hosts a call with thought leaders to discuss topical issues related to privacy and responsible data use.

We will provide an update and opportunity to discuss recent privacy updates to the Android and iOS platforms and app stores.

We will also discuss recent legislative developments regarding biometric technologies. Lawmakers are increasingly passing or considering measures that would limit use of facial recognition or other biometric tech by government agencies and/or companies. These issues are top of mind for legislators at the federal, state, and municipal levels.

Dial-in info for US callers and commonly requested international numbers are below. If you need an additional country-specific dial-in, please let me know.

We look forward to hearing from everyone – it promises to be a great call!

Dial-in info:
US Dial-In: 1 (888) 545-0687 or 1 (630) 691-2764
Passcode: 7267 860#

Belgium: 0800 389 15
France: 0805 102 857
Germany: 0800 222 2013
Ireland: 1800 936 220
Israel: 1809 212 583
Italy: 800 906 150
Netherlands: 0800 0200 273
Poland 0 0800 121 34 45
UK: 0808 238 9856

The aim of the symposium is to foster interaction among diverse communities of research and practice using contextual integrity to reason about privacy, and to design and evaluate, craft regulation, and generate formal logics for privacy.

As the goal of the workshop is to foster discussion around works in progress, the workshop will not publish formal proceedings (so as to not preclude the publication of subsequent versions of those works, improved by workshop feedback). However, with authors’ permission, we will post accepted submissions on the website.

In addition to other benefits, the California Consumer Privacy Act enhances privacy for individuals when data uses cannot be adequately served using consent alone. The CCPA provides incentives for companies to implement safeguards that reduce data privacy risk from even occurring in the first place. Under the CCPA, this can be accomplished by leveraging new technically enforced, risk-based deidentification controls.

Benefits of Non-Consent Processing (via DeIdentification)

Processing data under the CCPA’s deidentification requirements brings many benefits. They include:

For individuals and society:
+Consumer benefits from data processing that is not well supported via opt-in/consent requirements because of the complexity of processing and difficulty of explanation.
+Societal benefits from having more representative, non-discriminatory data to train accurate and representative artificial intelligence and machine learning models.

For data controllers and processors:
+Greater flexibility in complying with data subject requests to delete data.
+Enhanced ability to lawfully share and combine data with third parties.
+Requirements for Non-Consent Processing (via DeIdentification)

Processing protected personal information via CCPA deidentification exceptions requires that proper technical and organizational safeguards are in place.

Those requirements include:
+CCPA increases deidentification standards to a new “2020 De-ID Standard”
+The 2020 De-ID Standard under the CCPA now requires:
+Technical safeguards to prevent recipients of protected information from inadmissibly re-identifying individuals when used on a distributed, multi-party basis.
+Greater protection than otherwise required under laws that were enacted almost a quarter century ago, like the Health Insurance Portability and Accountability Act.
+Context-aware, risk-based management of re-identification risk.
+Protection against re-identification risk from data in the hands of third parties.

Host:
Dave Cohen, CIPP/E, CIPP/US, Knowledge Manager, IAPP

Panelists:
Deven McGraw, Chief Compliance Officer, Ciitizen (former healthcare privacy official at the Department of Health and Human Services)

Khaled El Emam, Professor, University of Ottawa/CHEO Research Institute

Gary LaFever, CEO, Anonos

Justin Antonipillai, CEO, WireWheel

Processing data under the EU General Data Protection Regulation’s legitimate-interest legal basis can bring many benefits, but to do so properly, the right technical and organizational safeguards must be in place. What are those benefits?

They include:
+Greater flexibility in complying with data subjects’ right to be forgotten requests.
+Flexibility in complying with claims to restrict the processing of personal data.
+Exemption from data subjects’ right of portability.
+The ability to claim that technical and organizational measures are in place in the context of automated decision making.
+All of which bring significant value to the organization. If that’s the case, then what are the technical and organizational safeguards that must be implemented to realize these benefits, and how can your organization put them in place? Join us for this privacy education web conference to learn about this and more.

You’ll hear from experts in the field about:

+How merely claiming to have a legitimate interest in the results of processing is not enough without having accountability controls to support data protection by design and default and transparency obligations.
+What types of technical/organizational safeguards help to satisfy the “Balancing on Interest” test to enable legitimate interest as a legal basis for processing under the GDPR.
+The benefits that greater/lawful data use bring when legitimate interest safeguards are implemented properly.
+The risks that exist when claiming legitimate interest as a legal basis without having the proper safeguards in place.

Host:
Dave Cohen, CIPP/E, CIPP/US, Knowledge Manager, IAPP

Panelist:
Ailidh Callander, Legal Officer, Privacy International
Gary LaFever, CEO, Anonos
Rocco Panetta, CIPP/E, Managing Partner, Panetta & Associati

Privacy Lab is a meetup for privacy minded people to foster communication and collaboration. It was founded in January 2015.

The goal of these events is to bring together people who work in the privacy space from different perspectives – people who may not regularly talk to each other – policy people, techies, activists, and academics at big companies, startups, universities, libraries, NGO’s, foundations, civil society and more – that’s one of the benefits of attending. You’ll have an hour on the topic of the evening followed by an hour to talk to each other.

If you enjoy talking privacy – so much so that it’s related to what you do for a living or how you volunteer your time – this is the event for you.

By attending, you’ll be able to hear about what other people and organizations are working on, share what you’re doing and look for new opportunities to collaborate and get involved.