Privacy Advisor

Notes from the Executive Director

January 1, 2008

2008: A Privacy Odyssey?


As we turn the corner on another year, we have an opportunity to consider the privacy issues that may emerge in 2008 or continue to percolate from last year. This special issue is filled with provocative thoughts from some of the top privacy experts from around the world. Not one to miss the fun, here are some of my personal thoughts on what 2008 may bring to the privacy field:

Data breach legislation will go global with the UK, Canada and even the EU Parliament considering notice of data breach standards. Recent large breaches in the UK and Canada are creating strong calls for legislative consequences. The UK is even considering criminal sanctions for egregious breaches. The thought of data managers going to jail in the wake of a data breach is striking indeed. Make no mistake, the debate over legislative responses to data breaches will continue in 2008.

Politics, Politics, Politics. The presidential and Congressional campaigns will certainly dominate the media in 2008. But what about the privacy platforms of the candidates? Privacy is not a prevalent issue on the current platforms. However, Senator Clinton is well known in our circles for her privacy bill in 2007. And the Congressional campaigns offer even more intrigue. Many candidates have staked out strong positions on privacy. Notably, California legislator Jackie Speier recently announced her candidacy for an open Congressional seat in the state. It may be a long shot, but we may even see a candidate add — as a plank to their platform — a call for national privacy legislation in the U.S.

Online Privacy, Rev. 2.0. It seems that online privacy has never really gone away as a central issue within the privacy field. 2008 most likely will see the issues get even hotter as behavioral targeting, social networking, spyware/malware and the definition of personal data all stoke the flames of debate. To make issues in this area even more complicated, the EU is holding hearings this month to explore behavioral targeting — but is doing so in the context of the Google-Doubleclick merger. Could it be that privacy will emerge as an issue to be considered in merger approvals? The FTC decidedly said "no", but the EU seems more inclined to permit data protection issues to enter into their considerations.

The one prediction in which I am supremely confident is this: The role of the privacy professionals will continue to grow in prominence and importance within our information economy. We continue to see enormous growth in our profession. The IAPP is currently adding in excess of 100 members per month, and our growth is expected continue for the foreseeable future. The growth of the IAPP is a mere reflection of the ascendency of the profession. We should all be proud of our combined influence on one of the most significant policy issues of our time.

The passing of the New Year also brings mounting excitement as we get closer to the IAPP Privacy Summit 2008. By the time you receive this publication, the brochure should be in your mailbox. We have some great keynotes — Nina Totenberg and Jeffrey Rosen — as well as an all-star roster of speakers. Register early! We came very, very close to a sell out in 2007 and this year looks bigger, and better, than ever before.

J. Trevor Hughes, CIPP
Executive Director, IAPP