Practical Privacy Series 2013

Program

 

Washington, DC
December 3: Government
December 4: FTC and Consumer Privacy

 

At-A-Glance

Tuesday, December 3: Government
8 – 8:30 a.m.
Registration and Breakfast
8:30 – 9 a.m.
Keynote
9 – 10 a.m.
Government Use of Social Media: Making It Work
10 – 10:15 a.m.
Refreshment Break
10:15 – 11:15 a.m. The Rise of Identity Proofing Services
11:15 a.m. – 12:15 p.m.
Everything You Need to Know about Appendix J
12:15 – 1:15 p.m. Working Lunch: Briefing on Improving Critical Infrastructure Cybersecurity Executive Order
1:15 – 2 p.m. Privacy Office of One: How to Make an Impact with a Small Staff
2 – 2:45 p.m. 6 Steps to Building Privacy into Big Data Projects
2:45 – 3 p.m. Refreshment Break
3 – 3:45 p.m. BYOD in the Federal Workplace: Privacy Considerations and Case Studies
3:45 – 4:30 p.m. Your Agency Just Had a Privacy Breach—Now What?

Wednesday, December 4: FTC and Consumer Privacy
8 – 9 a.m.
Registration and Breakfast
9 – 9:15 a.m.
Welcome and Introductions
9:15 – 9:45 a.m.
Capitol Hill Keynote: Marsha Blackburn (R-TN), Co-Chair, Privacy Working Group; Vice Chair, FTC Oversight Subcommittee of House Energy & Commerce Committee
9:45 – 10:30 a.m. Private-sector Keynote Jerry Cerasale, Senior Vice President, Government Affairs, Direct Marketing Association
10:30 – 10:50 a.m. Refreshment Break
10:50 a.m. – 12:10 p.m.
Background Screening: Data Brokers and Consumer Reporting Agencies
12:10 – 1:50 p.m. Lunch and FTC Keynote Jessica Rich, Director, Bureau of Consumer Protection, Federal Trade Commission
1:50 – 2:45 p.m. Do Not Track: What’s Next?
2:45 – 3:10 p.m. Refreshment Break
3:10 – 4:25 p.m. Insights from FTC Privacy Investigations: Do’s and Don’ts
4:25 – 5 p.m. Closing Remarks, Summary of FTC Year in Review
 

  GOVERNMENT

 

Government Use of Social Media: Making It Work

Dianna Carr, CIPP/US, CIPP/G, Senior Privacy Analyst, National Protection and Programs Directorate, Department of Homeland Security
Debra Danisek, CIPP/US, CIPP/G
, Associate Director, Privacy Compliance, Department of Homeland Security
Alexander Joel, CIPP/US, CIPP/G
, Civil Liberties Protection Officer, Office of the Director of National Intelligence

In this overview of government social media usage, you’ll hear perspectives from the intelligence, homeland security and situational awareness communities. During an interactive discussion, you’ll learn how to incorporate privacy protections into the operational use of social media while meeting the mission needs.

Presentation

The Rise of Identity Proofing Services

Jamie Danker, CIPP/US, CIPP/G, Verification Privacy Officer, Office of Privacy, U.S. Citizenship & Immigration Services
Naomi Lefkovitz, Senior Privacy Advisor, Information Technology Lab, National Institute for Standards and Technology
Dawn Wiggins, Deputy Executive Director, Office of Privacy & Disclosure, Social Security Administration

The use of identity proofing services is on the rise within the federal government. Come learn how agencies have implemented these programs to authenticate members of the public to their systems through the generation of knowledge-based questions based on commercial identity verification information. You’ll leave with new insights on best practices as well as the top implementation challenges.

Presentation

Everything You Need to Know about Appendix J

Claire Barrett, CIPP/US, CIPP/G, CIPP/IT, Chief Privacy Officer, Department of Transportation
Martha Landesberg, CIPP/US, Senior Director, Oversight, DHS Privacy Office

Need to get up to speed on the NIST SP 800-53 Appendix J? In this session, we’ll explore how to build a privacy program based on Appendix J. We’ll also discuss how compliance with Appendix J fits with other federal privacy-related requirements.

Working Lunch: Briefing on Improving Critical Infrastructure Cybersecurity Executive Order

Helen Goff Foster, CIPP/G, Deputy Assistant Secretary for Privacy, Transparency & Records, U.S. Department of the Treasury

In early 2013, President Obama issued the executive order Improving Critical Infrastructure Cybersecurity. Join us for an overview of the order, designed to enhance the federal government’s efforts to protect the nation’s critical infrastructure cybersecurity. We’ll take a closer look at agency responsibilities and discuss how individual privacy, civil rights and civil liberties protections are embedded into those efforts.

Handout

Privacy Office of One: How to Make an Impact with a Small Staff

Katherine Harman-Stokes, CIPP, CIPP/G, Chief Privacy Officer, U.S. Commodity Futures Trading Commission
Peter Pietra, CIPP/US, CIPP/G, Privacy Officer (TSA), Department of Homeland Security

Most federal agency privacy officers operate with a small staff and limited resources. Learn valuable tips and resources for exerting your influence as a privacy officer, as well as ways to insert privacy protections into existing department processes.

Presentation

6 Steps to Building Privacy into Big Data Projects

Christopher S. Lee, CIPP/US, CIPP/G, Directorate Privacy Officer, Science & Technology Directorate, Department of Homeland Security

Come learn to identify the risks associated with big data projects and gain insight on mitigating them before big data research efforts begin. We’ll also discuss building and implementing Privacy by Design techniques into the lifecycle of your big data projects.

Presentation

BYOD in the Federal Workplace: Privacy Considerations and Case Studies

Jack Gabriel, Assistant Chief Information Officer, Director Operations Assurance, Federal Trade Commission
Kimberly Hancher, Chief Information Officer, Equal Employment Opportunity Commission
Alexander C. Tang, CIPP/US, CIPP/G, Senior Attorney, Office of General Counsel, Federal Trade Commission

Here, we’ll identify the privacy issues associated with BYOD and mobile GFE, including potential monitoring or collection of employee geolocation, web surfing or other data (see Ontario v. Quon); the risks of mobile collection, storage, transmission and processing of PII; and segregating personal and work PII. We’ll discuss how to ensure that your agency’s breach notification response plan adequately addresses BYOD, how to perform a privacy impact assessment for BYOD, how to develop appropriate procedures and rules of behavior for BYOD, and how to determine when, where and how to give privacy, whistleblower protection or other required notices.

Presentation

Your Agency Just Had a Privacy Breach—Now What?

Kathleen Claffie, CIPP/G, Associate Director, Privacy Oversight, Department of Homeland Security

Essential for any government privacy pro, this session will explore the steps to take to mitigate and remediate a privacy breach. You’ll learn best practices, and the five factors involved in risk assessment.

Presentation

 

  FTC AND CONSUMER PRIVACY

 

Background Screening: Data Brokers and Consumer Reporting Agencies

Moderator: Montserrat Miller, Partner, Arnall Golden Gregory LLP
Geoffrey R. Andrews, Chief Operating Officer, Social Intelligence
Rebecca Kuehn, Senior Vice President, Senior Regulatory Counsel, CoreLogic Inc.
Robert Schoshinski, Assistant Director, Division of Privacy and Identity Protection, Bureau of Consumer Protection
Paul Zurawski, Senior Vice President for Government and Regulatory Affairs, Equifax

In the past year, the FTC has taken a number of actions against companies operating inside and outside of the Fair Credit Reporting Act. These actions have included settlements against a criminal background screening company, warnings to online data brokers providing rental history and a study on credit reporting accuracy. Join this discussion of whether FCRA compliance is adequate or if the FTC wants more, and if so, how much more?

Do Not Track: What’s Next?

Moderator: Marc Groman, CIPP/US, President & CEO, Network Advertising Initiative
Pam Dixon,
Executive Director, World Privacy Forum
Christopher Olsen
, Assistant Director, Division of Privacy and Identity Protection, Bureau of Consumer Protection, Federal Trade Commission
David A. Wainberg, CIPP/US
, Privacy & Policy Counsel, AppNexus Inc.
Mike Zaneis
, Senior Vice President and General Counsel, Interactive Advertising Bureau

Many questions remain unanswered about Do Not Track despite agreement among federal regulators, advertisers, browser makers and privacy advocates on the broad concept. The World Wide Web Consortium’s recent rejection of the Digital Advertising Alliance’s industry-developed Do Not Track proposal further reveals the ongoing disagreement on a basic framework for implementation. Does Do Not Track mean simply “do not share” or should it mean “do not collect”? What rights should consumers have under Do Not Track? What role will the FTC play moving forward? Join us to explore these questions and others.

Insights from FTC Privacy Investigations: Do’s and Don’ts

Moderator: Lydia Parnes, Partner, Wilson Sonsini Goodrich & Rosati
Emilio Cividanes, Partner, Venable LLP
Mark Eichorn
, Assistant Director, Division of Privacy and Identity Protection, Bureau of Consumer Protection
Reed Freeman, Jr., CIPP/US, Partner, Morrison & Foerster LLP
Michael Lamb, CIPP/US, Chief Counsel, Privacy and Information Governance, Reed Elsevier