Picking up a torch lit by Viktor Mayer-Schönberger at last November’s IAPP Europe Data Protection Congress, the closing keynote panel discussion at the IAPP Data Protection Intensive last week in London explored the future of data collection and use, notice and choice, in a world that is increasingly connected and populated with devices that collect data without interfaces and without off buttons.
Moderated by Jules Polonetsky, CIPP/US, of the Future of Privacy Forum, the panel featured two of Mayer-Shönberger’s co-authors of the paper he presented last fall, and which has recently been updated: Peter Cullen, CIPP/US, general manager of Microsoft’s Trustworthy Computing Group, which has been doing extensive work in this area, and Fred Cate, long-time privacy researcher, and currently distinguished professor at Indiana University. They were joined by former UK ICO Richard Thomas and Chairman of the Dutch Data Protection Authority Jacob Kohnstamm.
Without question, the idea of focusing on the use of personal data, rather than its initial collection, is a contentious one. Calls for updates to the OECD privacy principles that have shaped privacy regulation since 1980 have been met with derision from some advocates and regulators.
However, in this first part of the lengthy keynote discussion, Cate lays out the argument for why the FIPPs, and the way they are being applied, are no longer enough to support privacy regulation. Cate explores “how to make sure that, without changing any of the fundamental goals, we’re using tools that work, whether you think it’s a brave new world, or a horrible new world, we’re heading into.”
The IAPP will be rolling out the responses to Cate's initial presentation over the course of the next week. Stay tuned to our YouTube Channel and the Daily Dashboard for updates.