Privacy Community

A Year of Privacy Discussions: Looking Back and Forging Forward

By Jedidiah Bracy, CIPP/US, CIPP/E

Hard for me to believe, but it’s now been a year since we rolled out Perspectives, our very first blog here at the IAPP. As an organization, we were veering into uncharted territory, but our ultimate purpose was and continues to be to provide a forum for the difficult or practical or funny or just plain outlandish privacy conversations to play out.

Just before Christmas, we posted our top ten blog posts of 2013—all based on page views. But now that a full calendar year has gone by, I thought it worth looking back with a bit more nuance.

More from Jedidiah Bracy

Opinion

The Baffling Case of the Headless EDPS

Peter Hustinx (right) reflects on a career in privacy, with Christopher Kuner, before a standing-room crowd at the IAPP Data Protection Congress 2013 in Brussels.

After working in Brussels for the last 15 years, I have become accustomed to the byzantine machinations of European politics. But the spectacle that is currently unfolding concerning appointment of a new European Data Protection Supervisor (EDPS) and Assistant Supervisor paints a particularly dismal picture of how data protection in the EU can become a political football.

More from Christopher Kuner

Point-Counterpoint

“I Never Said That”—A Response to Cavoukian et al.

In a recent blog post, Ontario Information and Privacy Commissioner Ann Cavoukian et al. offer a response to my keynote address at the IAPP Europe Data Protection Congress in December 2013 and also announce an upcoming whitepaper.

They do so, acknowledging that neither of them had actually listened to what I said at my keynote. Hence, their blog post is based on certain assumptions of what I said. Regrettably, those assumptions are not borne out in fact.

I very much appreciate a robust debate about the future of how we best protect information privacy. It is far too important a value to not do so. But without knowing exactly what I said, the whitepaper may respond to a straw man’s argument and thus offer much reduced value. In the spirit of giving Cavoukian et al.—and the general audience—the opportunity to appreciate what I actually said, here are the facts.

Privacy Profession

What Makes a Good Privacy Professional?

For companies striving to maintain compliance with myriad global data protection and privacy rules, and keeping up with future developments, the privacy professional is key. Increasingly companies seem to think that they have to hire qualified lawyers to fulfil this role, but is that really the case?

Most privacy roles require someone who can advise on the rules and their application in practice. So do you want a lawyer who just advises on the interpretation on the law and leaves decision making on privacy and subsequent implementation to the business? Or do you want a practitioner who can drive the privacy programme from the ground up, making key decisions and delivering privacy effectively across the business?

More from Emma Butler

Opinion

Should Privacy Professionals Have a Code of Ethics?

By K Royal, CIPP/US, CIPP/E

To more accurately assess this inquiry, I looked outside of associations based solely on one’s education and looked for associations based on one’s role or job and I found several examples of codes of ethics for professionals. There are members of IAPP who are also members of some of these other professional associations: HCCA, ISC2, SCCE, just to name a few. Additionally, many members of the IAPP are licensed attorneys and bound by the ethics of their license; such is also true for medical professionals, accountants, social workers, teachers, and many other fields. Alex Fowler addressed this same issue.

Having experience in the medical, educational and legal environments, I am acquainted with the potential for conflict between professional obligations. For example, I occasionally faced conflicts between my obligations as a nurse and my obligations as an attorney. While there is always an eventual decision made after careful analysis, this decision is not always concrete and is subject to context and opinion.

More from K Royal