The IAPP’s one-day executive forum was held September 14 at the Dallas Museum of Art, in conjunction with the Privacy Academy 2011. Privacy leaders gathered at Navigate to examine the vital issues facing the privacy profession and to craft a roadmap for the future. Topics explored were: How do we guide trustworthy design? Who should have jurisdiction and control in the cloud? How can we elevate privacy as a core business issue?
The Data Privacy and Trust in the Mobile World whitepaper from Experian uses findings from the Digital Trust Initiative presented in the Designing for Privacy and Trust program at Navigate to offer guidance and best practices for creating mobile applications that build consumer trust.
Designing for Privacy and Trust
Provocateur: Ilana Westerman, Principal, Create With Context
As Privacy by Design continues to grow in importance, companies struggle to translate high-level principles into an actionable method of ensuring trustworthy privacy practices. There are no clear, actionable, standardized guidelines that translate principles into concrete design decisions and there is no standard process for companies to validate—prior to launch—that they have indeed designed for privacy. How can savvy design counter the “notice skepticism” that has taken hold?
The provocateur will postulate that, while consumer privacy research has been done, it still does not provide us with the full picture. Much of this research has been attitudinal surveys, which provide a single perspective on consumers’ attitudes toward privacy. Lacking is deep user experience research that can provide a different lens and give insights into peoples’ underlying goals, motivations and behaviors. How do we get away from focusing on the potential negative impact of data collection and, instead, concentrate on innovation to provide a view of what ‘could be’ for future products and services that benefit consumers? Through lively discussion and debate, challenge the status quo and help shape the future of consumer research and design work that could help direct companies to present trustworthy products and services.
Jules Polonetsky, CIPP, Co-Chairman and Director, Future of Privacy Forum
Anne Toth, Head of Privacy, VP of Policy, Yahoo! Inc.
Ilana Westerman, Principal, Create With Context
Putting Cloud Computing on Trial
Michelle Dennedy, Founder & CEO, iDennedy Project
Christopher Wolf, Co-chair Privacy and Data Security Practice Group, Hogan Lovells US LLP
Cloud computing involves data and data applications stored and processed remotely, often in places far away, sometimes in multiple places, and in places with differing legal regimes. Who has authority to prescribe and enforce rules about personal data in the cloud? When does law enforcement have the right to demand access to data in the cloud?
Decide these critical questions of jurisdiction and control in a “moot court,” where you will put cloud computing on trial and deliberate on the outcome. Provocateurs will portray opposing lead counsel in a hypothetical case involving a nation within the EU requesting a preliminary ruling from the European Court of Justice (ECJ) on whether a cloud computing company with a physical presence within its borders is subject to its enforcement of national data protection laws enacted under the EU Directive. Navigate participants will be split into two groups—counsel for the Petitioner and counsel for the Respondent. Five participants will be selected as "justices" who will be free to question "counsel" about their positions. The judges will have an opportunity to deliberate and will return to deliver a verdict when the group reconvenes.
Required Pre-Reading: Cloud Computing on Trial (PDF 307KB)
Presentation 1 (PDF 223KB)
Selling Privacy at the Top: The Art and Science of Persuasion
Provocateur: Anne Lueneburger, Founder and Leadership Development Coach, North of Neutral
Despite front page stories that illustrate the devastating effects of a data breach, privacy leaders continue to be challenged on a daily basis with how to elevate the significance of privacy as a core business issue. As a profession, how can we successfully sell the importance of data protection across the organization and at the executive and board level? Using a framework developed by leadership development coach, Dr. Anne Lueneburger, you will create a vision for executing a strategy that will raise the profile of privacy across the enterprise.
Along with a mix of scientific and anecdotal data on the topic of persuasion, she will engage you with a general framework that will help you consider the big picture as well as the necessary ingredients for designing your own path, including; managing the ‘Self’, understanding the ‘Other’ and building the ‘Relationship’.
Jennifer Barrett Glasgow, CIPP, Global Privacy and Public Policy Executive, Acxiom Corporation
Sandra R. Hughes, CIPP, Information Governance & Global Privacy Executive, Procter & Gamble Company
Harriet P. Pearson, CIPP, VP Security Counsel & Chief Privacy Officer, IBM Corporation