Privacy Engineering Section Forum
The Forum Has Sold Out: Join the Waiting List
We are no longer accepting registrations for the Privacy Engineering Section Forum. If you would like to sign up for the waiting list, please fill out the form below. We’ll notify you if any spaces become available.
Thanks for your interest in the forum!
See Privacy Engineering at Work
The ever-closer connection between people, privacy and technology will be the focus of the next Privacy Engineering Section Forum on October 17 in Austin, Texas.
Many thanks to OneTrust for sponsoring this year’s event
The Advisory Board
This forum has been designed by the IAPP Privacy Engineering Section Advisory Board, comprised of academics, government and industry experts in privacy engineering and technology. As the new Privacy Engineering Section develops, the board will provide strategic input and drive content for all its programs and activities.
Schedule and Program
The Privacy Engineering Section Forum is sponsored by OneTrust
Wednesday, October 17
forum 8 a.m. – 5 p.m. Registration Open
expand_more1 – 1:30 p.m. Opening Keynote
Lea Kissner, Principal Engineer, Google
Leading the security and privacy teams for Google's user infrastructure and social products at Google, Kissner has been intimately involved in the ethical and technical discussions about data use and the future of artificial intelligence.
expand_more1:30 – 3 p.m. UX Design with Privacy in Mind
Thanks to the GDPR's mandate for transparency, and increasing savviness on the part of global consumers, there is an increased demand for clear and concise information about how web sites and apps are processing personal data. But what's the best way to communicate to users how their data is being collected, used, transmitted, and shared with partners? How do you know whether the consent you've gathered is valid? What if users opted out simply because they didn't understand what you were asking for? This panel will dive into best practices in UX design, how to evaluate your UX design to ensure it is performing as it should, and how to improve upon what you're already doing.
What you’ll take away:
- Metrics on UX engagement and consent
- Ideas for creating a more transparent user experience
- Tactics for measuring success
local_cafe 3:00 – 3:15 p.m. Refreshment Break
expand_more 3:15 – 4 p.m. Keeping It Real: Making Data Governance Possible for Engineers
Carrie Culley, Senior Principal Program Manager, Online Privacy, Security, and Accessibility, Microsoft
Euan Grant, Principal Architect, Privacy, Security and Compliance, Microsoft
David Marcos, CIPM, FIPT, Principal Program Manager, Cloud and Enterprise Privacy, Microsoft
In the age of big data and artificial intelligence, privacy and responsible data governance are intertwined. Yet scaling data governance for an organization with tens of thousands of engineers and data scientists, and making it all understandable and actionable for them, is a challenge. Microsoft’s response has been to focus on taking privacy out of the abstract and into the practical by turning privacy into an engineering discipline and truly establishing privacy by design. That’s made possible by articulating adequate policy and processes and automating governance tasks such as tagging and data policy monitoring.
What you’ll take away:
- How Microsoft has operationalized privacy by design
- How data governance serves privacy, and vice-versa
- An introduction to Ethical Computing
local_cafe 4 – 4:15 p.m. Refreshment Break
expand_more 4:15 – 5 p.m. Mitigating GDPR’s Impact on Cross-Border Data Transfers for Global ICT Vendors
This case study addresses the legal, organizational and technical privacy compliance challenges of providing customer support for an information and communications technology product/service in the GDPR era. Customer support functions involve troubleshooting and solving user problems with a product/service. Personal data can be required to complete these functions. When such functions are provided to EU-based customers and users from outside the EU, GDPR cross-border data transfer requirements need to be considered and a lawful basis established prior to such transfers. This is easier to do in theory than in practice. Here we outline the combination of legal, organizational and technical measures an organization must put in place.
What you’ll take away:
- In-depth analysis of challenges around providing customer service in the era of GDPR
- Legal, organizational and technical solutions that address privacy compliance while providing the necessary end user support
Senior Principal Program Manager, Online Privacy, Security, and Accessibility, Microsoft
Head of Privacy, Nokia Software
Security and Privacy User Experience Researcher, Google
Digital Experience Program Manager, Nokia Software
Principal Architect, Privacy, Security and Compliance, Microsoft
Usable Security and Privacy Researcher, ICSI
Principal Engineer, Google
Principal Program Manager, Cloud and Enterprise Privacy, Microsoft
CEO, Co-Founder, Create with Context
CIPP/E, CIPP/G, CIPP/US, CIPM and CIPT certificate holders automatically receive 3.75 Group A Continuing Privacy Education (CPE) credits for attending the IAPP Privacy Engineering Section Forum. If you have certification questions, please read our CPE policy or e-mail firstname.lastname@example.org.