eWhite House Watch - Full Article

eWhite House Watch returned for another great opportunity to report on the annual International Association of Privacy Professionals (IAPP) Global Privacy Summit in Washington D.C..

In the world of Cambridge Analytica and Facebook troubles, GDPR, and most recently, the new California privacy law, data protection and privacy have become a mainstream topic of conversation.  That is why the IAPP Global Privacy Summit of 2018 this year was described as “A Monumental Conference for A Profession at Crossroads.” As always, the world’s biggest privacy conference hosted more than 3,500 attendees, collaborating and seeking answers to important global privacy issues, highlighting topics such as survival, resilience, digital reputation, and equality, with a large focus in trust.

These issues were driven home by the conference’s distinguished Keynote Speakers, including  Social Activist, Writer, and Public Speaker Monica Lewinsky; MEP, International Trade, TiSA Rapporteur Viviane Reding; Writer, Broadcaster, Journalist, and Documentary Filmmaker Jon Ronson, Professor at Columbia University and contributing Editor of the Financial Times Simon Schama; and Birgit Sippel, MEP, Group of the Progressive Alliance of Socialists and Democrats.

The keynote speakers gave in depth discussions on issues central to the conference such as the EU’s position in global trade and the digital economy, spearheaded by MEP Reding. Additional topics included changes in the internet and the growing prominence of social media as well as the EU’s new Privacy regulation and their stance on Privacy in the 21st century.

The Conference hosted a plethora of other speakers, ranging from in-house counsel at prominent corporations, government officials, and cybersecurity experts.   In the segment titled “A Fireside Chat with the Chair of the Article 29 Working Party”, Chairwomen of the WP 29 and Director of the Austrian Data Protection Authority Andrea Jelinek, together with Corporate VP and Deputy General Counsel at Microsoft Julie Brill discussed the main areas of uncertainty remaining in the GDPR.  These two prominent speakers brought forth important questions such as: What will enforcement look like once the GDPR comes into effect? How will European regulators handle and coordinate cross-boarder investigations? How do DPAs keep up-to-date on artificial intelligence, machine learning, and similar advanced technologies? And what will data protection look like five years from now?

Staying true to years past, the conference hosted many remarkable panels and discussions.  Some interesting sessions included: Mitigating Human Risk Factors Through Privacy and Cybersecurity Training; Regulating for Results: Effective Use of Both Carrot and Stick; and Privileged & Confidential… And Lets Keep It That Way!

One of the most helpful sessions for in-house counsel who assist their companies in compliance was Vendor Risk 2.0. The panel, consisting of privacy pros Michelle Beistle, Dori Kuchinsky and Charlotte Young, focused on such issues as how to set up a process for both, new and existing, vendors, what clauses to have in their contracts, find out what type of data is shared with them and what type of protections are in place.

The Meeting Challenges of Privacy, Security and GDPR Compliance in the Cloud session focused on the key issues in cloud privacy space.  With the exponential growth of cloud use by the business, how to tackle compliance while assisting your business in accomplishing their goals takes center stage.

The Summit also focused on international topics, spotlighting issues involving compliance with and enforcement of GDPR as well as trans-border data flows.  In the “Privacy Shield as the GDPR Comes Online” session, such distinguished speakers as Bruno Gencarelli, the Head of International Data Flows and Protection, European Commission, explained how while Privacy Shield facilitates transatlantic data flows, its intersection with the GDPR may present challenges. The panel’s warning about the Privacy Shield effectiveness has come true when recently the European Parliament threatened to suspect it until the United Stated complies with its terms. No surprisingly, the Parliament specifically referred to Facebook and Cambridge Analytica- both were certified under the Privacy Shield.

Staying true to its reputation, the Summit ushered in thousands of privacy practitioners and provided the opportunity to spread a wealth of knowledge and information from across continents and allowed practitioners to network, correspond on prominent privacy and security issues, and discuss the changing privacy and cyber landscape.  The mindset of the conference can be summed up by Keynote Speaker MEP Reding’s challenge: “Do you want to be a standard maker or a standard taker?”

Leave a Reply