BST |
Thursday 18th May 2023 |
09:00 |
What Is ‘Necessary’ for a Contract? GDPR Legal Bases Following the Meta Decisions 09:00 - 09:45
The Irish Data Protection Commission (DPC)’s decisions against Facebook, Instagram and WhatsApp are some of the most significant developments in data protection since the passing of the GDPR.
Now the dust has settled, our panel will debate the merits of the European Data Protection Board (EDPB)’s approach towards lawful bases for processing, and consider how they might impact businesses beyond Meta.
Host
Speakers
|
09:15 |
09:30 |
09:45 |
10:00 |
Is the GDPR’s ‘One-Stop-Shop’ Working? 10:00 - 10:45
One common criticism of the GDPR is that its enforcement process is not sufficiently effective. Critics argue that routing cross-border decisions through a controller’s “main establishment” has led to delays and created an enforcement gap.
But what’s the alternative? Aren’t most cross-border decisions actually resolved effectively? This panel will explore the history of the GDPR’s one-stop-shop mechanism and consider how it might be improved.
Host
Speakers
|
10:15 |
10:30 |
10:45 |
11:00 |
Staying Compliant: How To Manage Data Transfers Around The Globe [Sponsored by OneTrust] 11:00 AM - 11:30 AM
The topic of international data transfers has been a contentious subject since the Court of Justice of the European Union (CJEU) rules on the Schrems II case, invalidating the EU-US privacy shield and changing the way organisations manage persona data transfers overnight.
Beyond the question of legality between transferring data between the US and the EU, data transfers are brought to the forefront in other regulatory updates including the UK Data Protection Bill, China’s PIPL, Canada’s PIPEDA, UAE’s PDPA.
Join this session as we explore:
· How to effectively manage data transfers and mitigate risk of non-compliance with respect to global data transfer requirements
· How organisations need to document and assess the risk of data transfers, and provide consumers with notice and choice to share data with third parties
· A look at recent enforcement activity in the EU on data transfers
Host
- Joseph Byrne, Solutions Engineering Specialist, FIP, CIPP/E, CIPM, CIPT, GRCP
|
11:15 |
11:30 |
2023 vs 1984: Is State Surveillance Becoming More Intrusive? 11:30 AM - 12:15 PM
New data protection and privacy laws are developing all over the world. Yet the amount of data collected about people by corporations and governments continues to increase. And new technology, such as biometrics, IoT, and AI, bring new surveillance opportunities.
In this panel, privacy experts will debate whether surveillance is more pervasive than ever, and discuss whether it’s too late to turn the tide.
Host
Speakers
- Dr. Mohamed Abdur Rahman, Associate Professor, Cyber Security and Forensic Computing, University of Prince Mugrin
- Cecilia Choeri, Partner and Head of Data Privacy and Technology, Chediak Advogados
- André H. Paris, CIPM, CCEP-I, Managing Partner, Fakos - Data Privacy & Compliance Consultancy
- Glenn Wilkinson, Ethical Hacker
|
11:45 |
12:00 |
12:15 |
12:30 |
Generative AI and the GDPR: A Match Made in Hell? 12:30 PM - 13:15 PM
Large Language Models (LLMs) and image generation are officially mainstream. With millions of people using AI tools every day, the internet and wider society are changing fast.
But there’s an elephant in the room. How does a product that indiscriminately scrapes personal data from the web coexist with GDPR principles such as data minimisation and purpose limitation? Let alone the implications for security, data subject rights, and lawfulness.
Host
Speakers
|
12:45 |
13:00 |
13:15 |
13:30 |
Preparing for a privacy incident: last 90 days before it happens. 13:30 - 14:00
There is no such thing as perfect compliance - privacy incidents can and will happen.
What matters most is that you have a systematic and rigorous approach to privacy management, and that you are continuously working to be better prepared tomorrow than you are today.
In this session, our guests discuss how to identify, prioritise and address potential gaps in your readiness to demonstrate compliance.
Host
Speakers
|
13:45 |
14:00 |
Ransomware: Should You Ever Pay? Preparing for the Worst 14:00 - 14:45
Research suggests that most organisations hit with a ransomware attack end up paying the ransom. Perhaps this is understandable—but is it the right decision? And can paying a ransom to cybercriminals actually be illegal in some circumstances?
This session will address the elephant in the room: Is paying the ransom ever right? And what can organisations do to help ensure they never have to make this difficult decision.
Host
Speakers
|
14:15 |
14:30 |
14:45 |
15:00 |
Fight Fire With Fire: Artificial Intelligence for Red Teams and Blue Teams 15:00 - 15:45
AI presents new challenges for security teams, with new tools available for hackers and more advanced social engineering techniques. But AI also provides new defences to help security teams detect and prevent attacks.
This session will explore how AI is changing the threat landscape—and how to leverage AI to defend your organisation.
Host
Speakers
|
15:15 |
15:30 |
15:45 |
16:00 |
Internet Intelligence for Better Exposure Management and Threat Hunting 16:00 - 16:30
Today’s security teams’ task lists are becoming more and more complex. To deal with a rapidly-growing threat environment and increasingly sophisticated bad actors, security teams are managing multiple tools that don’t provide a needed outside-in perspective. To protect your organization and customer data from harmful breaches, consider the advantages of deploying a threat hunting and exposure management platform powered by best-in-class internet intelligence.
Host
|
16:15 |
16:30 |
Children’s Rights and Adults’ Privacy: Can We Ever Strike a Balance? 16:30 - 17:15
Jurisdictions everywhere are trying to make the internet a safer place for kids. But this is no easy task. Is there a privacy-respecting way to implement age verification or ID requirements? Or do we have to sacrifice some privacy in the name of child safety?
This session will explore the current child privacy landscape: What’s required, what’s expected, and how to balance the rights of children and adult users.
Host
Speakers
|
16:45 |
17:00 |
17:15 |
17:30 |
Fireside chat: 'How can we ensure the metaverse is open, safe and accessible?' 17:30 - 18:15
To ensure safety, the metaverse should have robust security and privacy measures to protect users from cyber threats such as hacking, fraud, and harassment. Appropriate regulations and laws should be put in place to prevent exploitation and protect users' data and privacy.
Ensuring the metaverse is open, safe, and accessible will require collaboration between technology companies, policymakers, and user communities.
Join our discussion to explore how by working together, we can create a metaverse that benefits everyone and promotes innovation and creativity in a safe and inclusive environment.
Host
- Emilios Lemoniatis, Chief Digital Ethics and Privacy Officer
Surrey and Borders Partnership NHS Foundation Trust
Speakers
|
17:45 |
18:00 |
18:15 |
18:30 |
Is Web3 the solution to doing a better job with data? The practicalities of returning control to consumers 18:30 - 19:15
One of the most fundamental tenets of Web3 is for consumers to regain ownership and control of their data. This means that they will be able to choose if and when information about them can be shared and used or even receive payments for access.
But what practical steps do companies need to take in order to comply? Is Web3 the solution to restoring trust between consumers and brands?
Host
Speakers
- Adebayo Tiamiyu, Web3 Investigations and Intelligence Expert
- Yaser Zia, Chief Information Security Officer, Iranian Offshore Oil Company
|
18:45 |
19:00 |
19:15 |
19:30 |