It is simultaneously hard to believe and completely undeniable that the largest annual gathering of privacy professionals in the world — not to mention artificial intelligence governance professionals — is about to descend on Washington, D.C., next week for the IAPP Global Privacy Summit 2024.

As I focus on wrapping up my many loose ends to prepare for a successful event — while also planning for an action-packed schedule next week — I have been struck again and again by the caliber of the keynotes and breakout sessions on the agenda.

I mean, just the books alone! If you read this column with any regularity, you have probably noticed that I am a bit of a nerd. So, it's an understatement to say that I'm thrilled to hear from so many voices from the vanguard of privacy and AI thinking who have written recent books.

  • Kicking off the keynote stage the night before the main conference starts, Joy Buolamwini is a powerhouse speaker on algorithmic bias. Her book "Unmasking AI: My Mission to Protect What Is Human in a World of Machines" was one of my favorite reads last year.
  • Anu Bradford will also join the keynote stage. Her book "The Brussels Effect" is cited often in policy discourse, especially as AI governance policymakers consider whether its test for the spread of EU policy around the world will play out after the EU AI Act. She also has a new book, "Digital Empires: The Global Battle to Regulate Technology."
  • As I'm halfway through reading a feminist retelling of 1984, Sandra Newman's novel "Julia," I'm looking forward to hearing from Anna Funder, whose book "Wifedom: Mrs. Orwell's Invisible Life" is high on my list. It was described as "brilliant, creative hybrid of life writing, feminist polemic and literary criticism, which upends the way we read."
  • And, of course, I never tire of hearing from New York Times journalist Kashmir Hill. Her most recent book "Your Face Belongs to Us" is in my nightstand stack, which may be part of why it still gives me nightmares. Her latest nightmare-inducing investigative report, about the privacy risks of connected cars, has been making waves in the policy world this month.
  • Another prominent voice from journalism, Jeff Jarvis, is also joining the keynote stage. His most recent book "The Gutenberg Parenthesis" is a reflection on how technologies shape culture.
  • And finally, another book on my list "Guardrails: Guiding Human Decisions in the Age of AI" will be featured on the main stage. Urs Gasser is a public policy scholar who is challenging us to move from data governance to decision governance. I look forward to being so challenged!

Beyond books, I'm also excited by the things that will be keeping me busy next week.

My own panel at the GPS is a conversation with four U.S. state privacy enforcers, representing California, Colorado, Connecticut and Oregon. As state laws from the past few years come fully online, we are starting to see the impact in enforcement resources across the first wave of states. Understanding the priorities of these enforcers is a top priority for me, as is helping privacy pros understand how to successfully navigate the compliance landscape. I am looking forward to the insights they can provide us.

With the flurry of state legislative privacy activity continuing apace — and with potential divergences appearing in bills this year in places like Maine and Maryland — I am also particularly looking forward to benefitting from a deep dive in the U.S. State Privacy Workshop. This add-on to the conference is an intensive crash-course on navigating the patchwork.

For a mini version of the same idea, I also just helped to program a last-minute panel on the "state privacy labyrinth." Led by IAPP Westin Fellow Luke Fischer, the panel will feature a diverse set of legal experts focused on operational takeaways from the recent years of navigating state privacy developments.

Speaking of operational governance, I'm eager to learn from my colleague Ashley Casovan and other AI governance policy experts in their panel on "Lessons Learned: Operationalizing NIST's AI Risk Management Framework and other governance frameworks. No doubt the latest major AI governance policy paper will make an appearance too. I was elated this week to be able to finally read NTIA's AI Accountability Policy Report. Though it is targeted at policymakers, the report will also have an immediate impact on governance practices.

As always, I am most interested in hearing directly from regulators, policymakers and others in prominent public service roles that impact the future of tech policy.

  • Data protection authorities from a variety of countries, including John Edwards from the U.K., Haksoo Ko of South Korea, Immaculate Kassit of Kenya, Gilad Semama of Israel, and Ashkan Soltani of the California Privacy Protection Agency, are featured across the agenda.
  • Rohit Chopra, director of the Consumer Financial Protection Bureau, will speak at a fireside chat labeled "Unblurring the Lines: The Future of Financial Privacy."
  • U.S. Principal Deputy Chief Technology Officer Deirdre Mulligan will also sit down for an on-stage conversation.
  • U.S. Equal Employment Opportunity Commissioner Keith Sonderling will join a panel on AI in the global workplace.
  • Two high-ranking officials in the U.S. Securities and Exchange Commission will join a panel on understanding the SEC cyber rules and Delaware fiduciary duties.

As is always the case, there are far more high-profile speakers and exciting takeaways at the IAPP's biggest conference than I can even wrap my head around. Luckily, we do not have to take it all in — just those parts where we end up finding ourselves.

I am looking forward to welcoming all of you here in the Capital. Onward to the GPS!

Here's what else I'm thinking about:

  • Is there hope for a federal privacy law this year? Brookings' Cameron Kerry asked and answered this question through a detailed exploration of the recent history of legislative efforts to pass a comprehensive consumer privacy law in the U.S. Kerry contrasts his reputation for optimism with the grave political situation facing privacy legislation in the U.S. As it happens, there is a Summit panel on this issue too: "Federal Privacy Legislation: Obstacles and Opportunities."
  • "Khanservative" Republicans are a thing now, as U.S. Federal Trade Commission Chair Lina Khan's crusade against Big Tech market power has gained fans on the far right, according to a Wall Street Journal analysis.
  • Speaking of the FTC, the agency released its 2023 report on privacy and data security enforcement trends. The report provides a useful distillation of enforcement trends and other policy developments from the agency related to AI, health, geolocation tracking, financial privacy, and children's and teens' data.
  • With cars in the hot seat, the new report from the Future of Privacy Forum is worth a read. FPF's mobility project, led by Adonne Washington, released a report focused on the privacy implications of enhanced driver safety systems such as impairment detection systems and driver monitoring systems, which are soon to be mandated in U.S. vehicles. Balancing the safety and acceptability of such systems is a challenge — and one that we may be able to learn from in tackling other car privacy concerns.
  • California often serves as a bellwether for state legislative efforts, so an update on California's many active bills is always welcome. Luckily, the IAPP's Andrew Folks, CIPP/US, has just such an update with some helpful analysis of the policy ideas in AI governance and privacy being considered in the Golden State.

Upcoming happenings:

  • 2 April: The IAPP DC KnowledgeNet chapter hosts a happy hour sponsored by CYPFER (The Dignitary).
  • 2 April: The Center for Democracy and Technology hosts its annual fundraising celebration Spring Fling (Dirty Habit).
  • 3 April: The LGBT Tech hosts Transcend Wonderland, an LGBTQ + Allies in Privacy After Party (Pitchers DC).

Please send feedback, updates and book recommendations to cobun@iapp.org.