The IAPP Global Privacy Summit, the biggest global gathering of privacy and data protection professionals, is underway in Washington. The event, with more than 4,000 participants and wide-ranging sessions, is always an extravaganza. I miss meeting lots of friends this year, but if this is your first Summit and you’re confused about something or looking for recommendations, just remember IAPP staff; they magically appear. It works!
During Thursday's Summit, IAPP CEO Trevor Hughes announced the IAPP now has 50,000 members worldwide! As part of the IAPP's celebration of reaching this many members, Hughes brought out on stage the individual who crested the 50,000 mark, KPMG's Steven Robertson, who joined KPMG little more than three weeks ago. Roberston said he has been in the privacy profession for about nine years now working primarily for the Australian Information and Privacy Commissioner. "It’s great to be a member," he said. "And I think this is a good sign you’re up to 50,000. Privacy continues to be important."
Also, just announced at the Summit, European Data Protection Supervisor Giovanni Buttarelli accepted the IAPP Privacy Leadership Award for augmenting the cause of privacy, among other things. If you’re not at the Summit and looking for some good conversation, here’s a recommendation: Watch Mark Zuckerberg (Facebook CEO) and Yuval Noah Harari (the celebrated historian who often stumps us with his view of how the world has shaped and is shaping) discuss multiple aspects around data and data ecosystem. Particularly interesting are the discussions around information ecosystems hacking human brains. Understanding and expectations of privacy are rising and shaping a more balanced world.
Back in the Asia-Pacific, two reports from the People’s Republic of China:
1.) Multiple entities, namely the Network Security Bureau of the Ministry of Public Security, the Beijing Network Industry Association and the Third Research Institution of the Ministry of Public Security, jointly released a “Guide to Protection of Security of Internet Personal Information.” The guide prohibits the large-scale collection or processing of Chinese citizens’ sensitive personal information, such as race, nationality, political view and religious belief, and specifies that covered entities may only collect and use the summary information of personal biometric information, rather than collecting the original information (what happens to the existing data?). I haven’t reviewed it yet but it is seemingly practical in its approach structuring the management regime, technology measures for security, and business procedures to regulate the protection of personal information.
2.) Contrastingly, The Wall Street Journal reports that authorities in Xinjiang, China, are building a massive database, as highlighted by a U.S. Rights Group analysis of Chinese government software, that collects precise locations of its citizens, their mobile app usage, their religious habits and even their electricity and gasoline consumption as part of a technology-driven crackdown that has interred an estimated 1 million Muslim citizens. The software alerts authorities when a person unexpectedly crosses virtual “fences” by driving past a certain checkpoint or checking into a hotel.
Lastly, Thailand’s Data Protection Act is expected to receive Royal assent soon and will come into enforcement one year after its enactment. Here’s a great summary about it here.
Until next time.
If you want to comment on this post, you need to login.