Privacy Engineering Section Forum

The Forum Has Sold Out: Join the Waiting List

We are no longer accepting registrations for the Privacy Engineering Section Forum. If you would like to sign up for the waiting list, please fill out the form below. We’ll notify you if any spaces become available.

Thanks for your interest in the forum! 

 

See Privacy Engineering at Work

The ever-closer connection between people, privacy and technology will be the focus of the next Privacy Engineering Section Forum on October 17 in Austin, Texas.

 

Many thanks to OneTrust for sponsoring this year’s event

 

The Advisory Board

This forum has been designed by the IAPP Privacy Engineering Section Advisory Board, comprised of academics, government and industry experts in privacy engineering and technology. As the new Privacy Engineering Section develops, the board will provide strategic input and drive content for all its programs and activities.

 

Schedule and Program

The Privacy Engineering Section Forum is sponsored by OneTrust

Wednesday, October 17

  • forum 8 a.m. – 5 p.m. Registration Open
  • expand_more1 – 1:30 p.m. Opening Keynote

    Lea Kissner, Principal Engineer, Google

    Leading the security and privacy teams for Google's user infrastructure and social products at Google, Kissner has been intimately involved in the ethical and technical discussions about data use and the future of artificial intelligence.

  • expand_more1:30 – 3 p.m. UX Design with Privacy in Mind

    Patrick Gage Kelley, Security and Privacy User Experience Researcher, Google
    Maritza Johnson, Usable Security and Privacy Researcher, ICSI
    Ilana Westerman, CEO, Co-Founder, Create with Context

    Thanks to the GDPR's mandate for transparency, and increasing savviness on the part of global consumers, there is an increased demand for clear and concise information about how web sites and apps are processing personal data. But what's the best way to communicate to users how their data is being collected, used, transmitted, and shared with partners? How do you know whether the consent you've gathered is valid? What if users opted out simply because they didn't understand what you were asking for? This panel will dive into best practices in UX design, how to evaluate your UX design to ensure it is performing as it should, and how to improve upon what you're already doing.

    What you’ll take away:

    • Metrics on UX engagement and consent
    • Ideas for creating a more transparent user experience
    • Tactics for measuring success
  • local_cafe 3:00 – 3:15 p.m. Refreshment Break
  • expand_more 3:15 – 4 p.m. Keeping It Real: Making Data Governance Possible for Engineers

    Carrie Culley, Senior Principal Program Manager, Online Privacy, Security, and Accessibility, Microsoft
    Euan Grant, Principal Architect, Privacy, Security and Compliance, Microsoft
    David Marcos, CIPM, FIPT, Principal Program Manager, Cloud and Enterprise Privacy, Microsoft

    In the age of big data and artificial intelligence, privacy and responsible data governance are intertwined. Yet scaling data governance for an organization with tens of thousands of engineers and data scientists, and making it all understandable and actionable for them, is a challenge. Microsoft’s response has been to focus on taking privacy out of the abstract and into the practical by turning privacy into an engineering discipline and truly establishing privacy by design. That’s made possible by articulating adequate policy and processes and automating governance tasks such as tagging and data policy monitoring.

    What you’ll take away:

    • How Microsoft has operationalized privacy by design
    • How data governance serves privacy, and vice-versa
    • An introduction to Ethical Computing
  • local_cafe 4 – 4:15 p.m. Refreshment Break
  • expand_more 4:15 – 5 p.m. Mitigating GDPR’s Impact on Cross-Border Data Transfers for Global ICT Vendors

    Frank Dawson, CIPT, Head of Privacy, Nokia Software
    Joy Dion, Digital Experience Program Manager, Nokia Software

    This case study addresses the legal, organizational and technical privacy compliance challenges of providing customer support for an information and communications technology product/service in the GDPR era. Customer support functions involve troubleshooting and solving user problems with a product/service. Personal data can be required to complete these functions. When such functions are provided to EU-based customers and users from outside the EU, GDPR cross-border data transfer requirements need to be considered and a lawful basis established prior to such transfers. This is easier to do in theory than in practice. Here we outline the combination of legal, organizational and technical measures an organization must put in place.

    What you’ll take away:

    • In-depth analysis of challenges around providing customer service in the era of GDPR
    • Legal, organizational and technical solutions that address privacy compliance while providing the necessary end user support

 

Speakers

Carrie Culley

Senior Principal Program Manager, Online Privacy, Security, and Accessibility, Microsoft

Frank Dawson, CIPT

Head of Privacy, Nokia Software

Patrick Gage Kelley

Security and Privacy User Experience Researcher, Google

Joy Dion

Digital Experience Program Manager, Nokia Software

Euan Grant

Principal Architect, Privacy, Security and Compliance, Microsoft

Maritza Johnson

Usable Security and Privacy Researcher, ICSI

Lea Kissner

Principal Engineer, Google

David Marcos, CIPM, CIPT

Principal Program Manager, Cloud and Enterprise Privacy, Microsoft

Ilana Westerman

CEO, Co-Founder, Create with Context

 

Continuing Education

CIPP/E, CIPP/G, CIPP/US, CIPM and CIPT certificate holders automatically receive 3.75 Group A Continuing Privacy Education (CPE) credits for attending the IAPP Privacy Engineering Section Forum. If you have certification questions, please read our CPE policy or e-mail cpe@iapp.org.