Privacy Advisor

Making Magic

October 1, 2008

Notes from the 2008 IAPP Privacy Academy


At Disney, it seems, anything is possible. Elephants fly. Fish talk. Lions cohabitate with gazelles, and crocs with hippos, all without incident. It's a magical vibe in this place where parades happen spontaneously and fireworks light the sky each night.

But a magic wand won't encrypt your laptops, and no fairy godmother will manage your cross-border data flows. So for three days last month, privacy professionals from across the globe convened on the world capital of make believe to work on the very real issues of the privacy profession.

Extortion, seduction, intrigue!
Fireworks and fanfare, after all, are two things most privacy pros likely eschew in their professional lives, so after the pixie dust settled, they got down to business in sessions designed to help them not only avoid the slings and arrows of their trade, but also excel in a rapidly changing global privacy landscape. There was intrigue (Data Extortion and Ransom: Behind the Scenes of a Real, Organized Criminal Attack on a Financial Institution); seduction (A Fly in the Ointment); espionage (Managing Global Identities) and ambition (Leading a Global Data Privacy Revolution).

"Spellbinding" presentations
Seasoned privacy pros and newcomers to the field got an early start to the learning in Monday's preconference sessions such as "The Privacy Audit," "Establishing a Records Management Program" and others. Participants exiting Tuesday's "50 Best Metrics for Data Privacy and Security Status" session described it as "spellbinding" and "sequel-worthy. And outside, The Privacy Advisor caught up with two CIPPs-to-be who had taken their study materials poolside to prepare for the exams they would take later in the week. (Ultimately, more than 180 privacy pros tested for their Certified Information Privacy Professional designation at the event.)

Harnessing hakuna matata
Networking sessions, world-renown speakers and a plenary featuring candidates and representatives of the 2008 U.S. presidential campaigns filled the agenda with fodder for expanded horizons.

And when the monorail glided from view and the sun began to set on Spaceship Earth, another day came to a close in the Magic Kingdom. And privacy pros, rich with enhanced perspectives, headed back to the real world, one step closer to hakuna matata.

IAPP Privacy Academy 2008 sessions:


  • APEC vs. the EU
  • Tips and Tricks Learned from Recent Privacy Litigation
  • Vendor Management: When Take it or Leave it is NOT an Option
  • How to Gain the Support of the CFO for Privacy and Data Protection
  • 50 Best Metrics for Data Privacy and Security Status
  • Privacy Management Benchmarking
  • Best Clauses in Fortune 500 Privacy Policies
  • The FCRA—It's Not Just for Credit Bureaus
  • Data Extortion and Ransom: Behind the Scenes of a Real Organized Criminal Attack on a Financial Institution
  • CIPP Training
  • The Anatomy of an IP Address
  • Marketing and Technology: Where Are We Headed?
  • Leveraging SOX Compliance in a Privacy Program
  • The Privacy Paradox in National Intelligence: Providing Security While Protecting Privacy
  • The Role of Data Protection Officers in Germany and Other European Countries
  • The Intersection of Digital Culture and Children's Privacy
  • A Fly in the Ointment
  • Privacy Compliance in the New Media Age
  • The Privacy Audit
  • Establishing a Records Management Program
  • Implementing Privacy Protections in the Federal Government
  • Privacy Professional Bootcamp
  • Legal Privacy and Security Considerations in Implementing Service Quality Processes in Call Centers
  • Privacy Challenges and Opportunities for Creating and Managing Global Identities
  • Privacy Implications of Gene Mapping and Personalized Health
  • Outbehave the Competition and Strengthen Your Privacy Program
  • The PCI DSS—Leading a Global Data Privacy Revolution
  • Legal Issues Related to HR Data When It Is Subpoenaed, Subject to Discovery or Requested by Law Enforcement