Privacy Advisor

Notes from the Executive Director

May 1, 2007

After nearly a year of work, the President's Identity Theft Task Force recently issued its comprehensive strategic plan for the government's coordinated approach to fight identity theft. The report documents the challenges that privacy professionals grapple with everyday - whether they work in the public or private sectors. The report notes that in the past eight years, identity theft has "become more complex and challenging for the general public, the government, and the private sector."

It's no mistake that the IAPP's inception and maturity into the world leader of privacy networking, education and certification occurred during that same eight years. We have been part of the solution, and organizations have come to count on us to help them understand the privacy and security challenges they face as well as the potential solutions.

Innovation has thrived during those eight years. The crooks have stayed ahead of the curve, constantly forcing organizations to do the same to thwart them. Lawmakers at the state and federal level have responded with laws intended to help consumers. Regulators have done their part too. But as the report points out, the steady stream of revelations about security breaches is leaving consumers feeling "vulnerable and uncertain of how to protect their identities."

Despite the emphasis in the media on security breaches, the task force's report calls into question the actual link between a data breach and ID theft. However, the damage is done as the barrage of security breach details serve to fuel "consumers' fears of identity thieves gaining access to sensitive consumer information," which then undermines consumer confidence, according to the report.

The task force gives credit where credit is due in the private sector: "Many private sector organizations understand their vulnerabilities and have made significant strides in incorporating data security into their operations or improving existing security program."

Predictably, the task force stresses that "further improvements are necessary." In addition to data security safeguards that businesses need to adopt, the task force singles out the need for "improvement by businesses in planning for and responding to data breaches."

Enter the IAPP.

Our efforts to deliver the most urgent and relevant educational opportunities is again right on target.

Next month, we are launching three new events, The Practical Privacy Series, June 27-28 in New York City - and one of the intensive events is solely focused on data breach response. The June 27 sessions are designed to provide attendees with the knowledge, skills and tools necessary to proactively identify and manage risks while effectively planning for the worst.

The next day, The Practical Privacy Series will allow attendees to choose between two different events, Pharma/Healthcare or Financial Services.

Whatever your focus, we have assembled the profession's leading privacy experts and practitioners to arm you with the practical tools and knowledge you need to return to your organizations with solutions.

So please join us at the City University of New York in Manhattan for the launch of our newest educational programming!

J. Trevor Hughes, CIPP
Executive Director, IAPP