About the IAPP

Caitlin Fennessy, CIPP/US

IAPP

Vice President & Chief Knowledge Officer

+16034279200 X401

Caitlin Fennessy is Vice President and Chief Knowledge Officer at the International Association of Privacy Professionals, where she guides the strategic development of IAPP research, publications, communications, programming and external affairs.

Caitlin is a recognized privacy expert, serving as an inaugural member of the UK International Data Transfers Expert Council, on the German Marshall Global Task Force to Promote Trusted Sharing of Data and on the Future of Privacy Forum Advisory Board. She speaks and leads frequent public discussions on the practical impacts of privacy developments around the world.

Prior to joining the IAPP, Caitlin was the Privacy Shield Director at the U.S. International Trade Administration, where she spent ten years working on international privacy and cross-border data flow policy issues. Caitlin also served as an adjunct professor of international privacy law at the University of Maine School of Law and University of New Hampshire School of Law. Caitlin has a master’s degree in public affairs from Princeton University and a bachelor’s degree in social policy from Northwestern University.

Contributions by Caitlin Fennessy

• A Conversation with CPPA Executive Director Ashkan Soltani
  Speaker at IAPP Privacy. Security. Risk. 2023
• Regulators' rulebook for AI: Bit by bit
  
• Ireland DPC's data transfers decision: Pragmatic punch or knockout blow?
  Westin Research Center
• What Are the Long-term Implications of the Trans-Atlantic Data Privacy Framework
  Speaker at IAPP Global Privacy Summit 2023
• The Challenges of Governing Artificial Intelligence: US and EU Perspectives
  Moderator at IAPP Global Privacy Summit 2023
• Privacy in the World of Hybrid Work: Solving the Cloud Challenge
  Privacy in the World of Hybrid Work: Solving the Cloud Challenge
• ‘Schrems II’ & the EU-US DPF: Stakeholders Volley
  Moderator at IAPP Europe Data Protection Congress 2022
• The New EU-US Data Privacy Framework and Next Steps for Data Transfers
  Moderator at IAPP Europe Data Protection Congress 2022
• Next Steps for Privacy Shield and the Trans-Atlantic Data Privacy Framework
  Speaker at IAPP Privacy. Security. Risk. 2022
• FTC Commissioner Rebecca Slaughter on the Commercial Surveillance Rulemaking
  Speaker at IAPP Privacy. Security. Risk. 2022
• The EU-US Data Privacy Framework: A new era for data transfers?
  Westin Research Center
• An Insider’s Update: The UK International Data Transfers Expert Council
  Moderator at IAPP Global Privacy Summit 2022
• The Austrian Google Analytics decision: The race is on
  Westin Research Center
• Data Protection Officer Requirements by Country
  Westin Research Center
• New EDPB guidelines define international transfers: Dancing in place
  Westin Research Center
• Conversation in Privacy with the EDPB Chair and EDPS
  Speaker at IAPP Europe Data Protection Congress 2021
• Mexican Data Protection: INAI Priorities & Enforcement
  Speaker at IAPP Privacy. Security. Risk. 2021
• Privacy Governance in 2021: Benchmark Your Privacy Program
  Speaker at IAPP Privacy. Security. Risk. 2021
• CPRA/CCPA and State Developments
  Speaker at Virtual San Francisco Bay Area & Silicon Valley KnowledgeNet: September 22, 2021
• Privacy Updates: AI, new SCCs, and China's PIPL, oh my!
  Speaker at Virtual Chennai KnowledgeNet: 8 September 2021
• The UK's new plans for data transfers: An interview with Joe Jones
  Westin Research Center
• Ransomware, data protection and compliance   
  Westin Research Center
• 'Schrems II' DPA investigations and enforcement: Lessons learned
  Westin Research Center
• The Irish High Court judgment on EU-US data flows
  Westin Research Center
• How Google and Apple are shaking up adtech
  Westin Research Center
• Data transfers: Questions and answers abound, yet solutions elude
  Westin Research Center
• Top-10 operational impacts of the CPRA: Part 6: Service providers, contractors and third parties
  Westin Research Center
• Summary of CPRA Contractual Obligations
  Westin Research Center
• 2021 Data Privacy Predictions
  Speaker at Virtual Bristol KnowledgeNet: 27 January 2021
• Building Trust — Charting the Path Forward for Privacy in a Post-COVID-19 World
  Web Conference Speaker
• Cyber Risk, Breaches and Security in 2021
  Web Conference Speaker
• Biden appoints Christopher Hoff to oversee Privacy Shield talks
  Westin Research Center
• A Delicate Balance Part II: Regulatory Pressures vs. Consumer Privacy Attitudes
  Web Conference Speaker
• Raising The Privacy Standard
  Speaker at Virtual Melbourne KnowledgeNet: 1 October 2020
• New EU SCCs: A modernized approach
  Westin Research Center
• A breakdown of EDPB's recommendations for data transfers post-'Schrems II'
  Westin Research Center
• Top-5 operational impacts of Brazil’s LGPD: Part 3 — International transfers
  Westin Research Center
• Privacy Leaders’ Views — The Impact of COVID-19 on Privacy Priorities, Practices and Programs
  Westin Research Center
• Raising The Privacy Standard
  Speaker at Virtual Melbourne KnowledgeNet: 1 October 2020
• Speaker at IAPP Privacy. Security. Risk. 2020 - Canceled
• White Paper – The Skill Set Technologists Need to Implement a Privacy Risk Management Framework
  Westin Research Center
• Practical aspects of the 'Schrems II' decision
  Speaker at Virtual Bristol and London Joint KnowledgeNet: 10 September 2020
• Dual Literacy in Privacy and Security — A Guide for Infosec Professionals
  Speaker at IAPP Summit Sessions 2020 Online
• The Schrems II Decision: The Day After
  Moderator at IAPP Summit Sessions 2020 Online
• The CJEU Decision Unpacked: DPC v Facebook Ireland, Schrems
  Moderator at IAPP Summit Sessions 2020 Online
• The 'Schrems II' decision: EU-US data transfers in question
  Westin Research Center
• Dual Literacy in Privacy and Security — A Guide for Infosec Professionals
  Web Conference Speaker
• FTC Enforcement Lessons in Privacy and Security
  Speaker at IAPP Summit Sessions 2020 Online
• Privacy Framework: Improving Privacy Through Enterprise Risk Management
  Speaker at IAPP Summit Sessions 2020 Online
• California Privacy Rights Act (CPRA): What Lies Ahead?
  Speaker at IAPP Summit Sessions 2020 Online
• User-Centric Privacy: Designing Effective Protections That Meet Users' Needs
  Speaker at IAPP Summit Sessions 2020 Online
• Manual contact tracers and privacy: Building trust is a local effort
  Westin Research Center
• Engineering Formal Privacy Into the 2020 Census
  Speaker at IAPP Summit Sessions 2020 Online
• California Privacy Rights Act: What Lies Ahead?
  Web Conference Speaker
• The Case Against Consent: Designing for Privacy
  Speaker at IAPP Summit Sessions 2020 Online
• CPRA's top-10 impactful provisions
  Westin Research Center
• Virtual justice and privacy: What does COVID-19 mean for due process?
  Westin Research Center
• A timely resource: Updated guide to US government data sharing
  Westin Research Center
• Moderator at IAPP Global Privacy Summit 2020 - Canceled
• Moderator at IAPP Global Privacy Summit 2020 - Canceled
• US Sen. Moran's new privacy bill: Stacking up the federal proposals
  Westin Research Center
• Microsoft launches open-source privacy mapping tool
  Westin Research Center
• White Paper – The Skill Set Needed to Implement a Privacy Risk Management Framework
  Westin Research Center
• White Paper – The Skill Set Needed to Implement a Global Privacy Standard: ISO/IEC 27701 alignment with IAPP CIPM and CIPP/E certifications
  Westin Research Center
• EU representative on 'How to operationalize Article 27' of the GDPR
  Westin Research Center
• Measuring Privacy Operations
  Web Conference Speaker
• The advocate general's 'Schrems II' opinion: What it says and means
  Westin Research Center
• The IAPP's top resources of 2019
  Westin Research Center
• US sens. unveil new federal privacy legislation
  Westin Research Center
• Measuring Privacy Operations in 2019
  LBS Speaker at IAPP Europe Data Protection Congress 2019
• The Privacy Shield review and its potential to impact Schrems II
  Westin Research Center
• Member of Research Advisory Board 2019 - 2022
• White Paper – 5 Steps You Must Take to Prepare for the CCPA
  Westin Research Center
• A closer look at Carnegie Mellon's privacy engineering program
  Westin Research Center
• Inside the Privacy Shield annual review: Increasing common ground
  Westin Research Center
• ISO 27701 Privacy Standard and Certification
  Web Conference Speaker
• The unique challenges CCPA poses for SMEs
  Westin Research Center
• Privacy engineering: The what, why and how
  Westin Research Center
• White Paper – GDPR at One Year: What We Heard from Leading European Regulators
  Westin Research Center
• NIST Privacy Framework nearing completion
  Westin Research Center
• Could the CJEU upend the global framework for data flows by answering a different question?
  Westin Research Center
• Member of Privacy Engineering Section Advisory Board 2019 - 2021
• GDPR compliance: Hits and misses
  Westin Research Center
• Study: An estimated 500K organizations have registered DPOs across Europe
  Westin Research Center
• IAPP FAQs: Are GDPR-compliant companies prepared for CCPA?
  Westin Research Center
• Notes from the IAPP, April 12, 2019
  Westin Research Center
• NIST Privacy Framework recognizes critical need for workforce development
  Westin Research Center