|Tuesday 16 November 2021
09:25 AM - 09:30 AM;
Monitoring Staff Working From Home: Privacy Considerations
09:30 AM - 10:00 AM
Concerned about the impact of remote work on productivity, some organizations are monitoring their staff as they work from home—sometimes to a greater extent than they were in the office.
What are the legal considerations when tracking employees’ browsing and working habits in their own home? Is such activity even legal under data protection laws like the GDPR? And could any productivity gains justify the intrusion on people’s privacy?
What COVID-19 Has Taught Us About Phishing
10:00 AM - 10:45 AM
COVID-19 brought panic, uncertainty, and a shift towards remote work: the perfect storm for a huge wave of phishing and other social engineering attacks.
As rates of coronavirus begin to ease off in some parts of the world, scammers will need to find new ways to persuade employees to click a phishing link or download a malicious payload.
Our panel will discuss the lessons on phishing since early 2020: What tactics work best to mitigate phishing? What motivates social engineering scammers? How can organizations move toward a more secure post-pandemic workplace?
Joe Tidy, BBC Cybersecurity Correspondent
Transfers Under a Microscope: Impact and Third Country Assessments - Sponsored by OneTrust
10:45 AM - 11:15 AM
2021 began full of anticipation for the release of two key documents: the European Commission's finalized standard contractual clauses, and the European Data Protection Board's finalized guidance on supplementary measures.
Since their arrival, organizations have been working hard to operationalize them, but challenges remain regarding the particular assessments of third countries that must be undertaken as well as understanding the risk and impact of all transfers at large.
In this session, we share a step-by-step guide to undertaking a Transfer Impact Assessment (TIA), the considerations when conducting Third Country Assessments (TCA), and the relevant measures that can be put in place to mitigate risk and ensure regulatory compliance.Understand the operational impact for organizations. Outline the necessity and considerations of the assessment of third countries. Breakdown the steps data importers and exporters can take to protect and enable transfers
11:15 AM - 11:45 PM
Contact-Tracing Apps: Have They Helped, and Should We Keep Using Them?
11:45 AM - 12:30pm
Early in the pandemic, contact-tracing apps were seen as a key way to fight COVID-19.
Some countries, like Singapore and China, developed invasive apps to track people’s movements and behavior. Governments in Europe and the Americas mainly relied on the less intrusive Apple/Google Bluetooth framework.
More than a year into the use of such apps—which, if any, work best? How far should we be willing to sacrifice privacy and autonomy in the name of public health? And how long should contact-tracing apps remain a feature of society as we emerge from the pandemic?
Could vaccine passports threaten privacy and drive inequality?
12:30 PM - 13:15 PM
Evidence increasingly confirms that COVID-19 vaccines are effective. But a substantial portion of society continues to be hesitant about getting their shots.
Vaccine passports could be a way to mitigate the impacts of COVID-19 and help contain the spread of the disease. But some are worried about denying access to travel or facilities to unvaccinated people.
Furthermore, vaccine passports have provoked privacy concerns. Should people be expected to share their health data with an increasingly broad range of actors—from border guards to nightclub security staff?
Our panel will discuss the ethical and social dimensions of vaccine passports: Could vaccine passports create a new social divide? Are we balancing privacy and freedom properly? And is there a secure and privacy-preserving solution to this problem?
13:15 PM - 14:15 PM
The UK's Post-Brexit GDPR Reforms: What to Expect, How to Adapt
14:15 PM - 14:45 pm
After leaving the EU, the UK retained the GDPR in its domestic law and earned its EU adequacy. But more recently, the government has suggested that the UK will diverge dramatically on data protection and privacy.
Along with appointing a new Information Commissioner, the UK plans to set up its own adequacy network to enable the liberal flow of personal data around the world. The government has also announced plans to eliminate cookie banners—plans that could have a significant impact on digital advertising.
But are these plans realistic? How could they be implemented? Is the UK putting its existing EU data flow arrangements at risk?
Our panel will explore how should businesses that trade in—or with—the UK should adapt to the data protection "new normal".
- Tash Whitaker, Global Data Compliance Director and Consultant, Whitaker Solutions Ltd
Adapting to the New Normal: Practical Insights from Privacy and Data Protection Professionals
14:45 PM - 15:15 PM
The immense change and challenges brought about by 2020 and 2021—with increased data collection, new security threats, and a more privacy-conscious public—have brought many changes to privacy and data protection professionals.
PrivSec New Normal will bring together a panel of professionals to discuss how their roles have evolved since the start of the pandemic, and how they are meeting the challenges brought about by the new normal.
How Has the Pandemic Changed Consumer Privacy, and How Should Businesses Respond?
15:15 PM - 15:45 PM
Confined to their homes, consumers have become more dependent than ever on their devices—and have spent more and more time being monitored and targeted by big tech firms.
But the public conversation on privacy has changed markedly over the past year and a half.
Apple’s pro-privacy marketing drive has captured the public imagination. WhatsApp’s data processing changes sparked widespread concern. And privacy-enhancing apps and products are increasingly mainstream.
What’s the direction of travel for consumer privacy? How should businesses respond? And can privacy-oriented companies thrive in this new environment?
- Joe Tidy, BBC Cybersecurity Correspondent
15:45 PM - 16:15 PM
Ensuring Security in Hybrid Work Environments
16:15 PM - 17:00 PM
Work from home, return to the office—or both?
Hybrid work environments, where employees are spread across remote and office-based workplaces, are becoming increasingly common as the lockdown/re-open cycle continues.
What are the main security considerations for hybrid work environment? How can organizations adapt their security regimes to protect employees and assets as they transition to hybrid work?
- Joe Tidy, BBC Cybersecurity Correspondent
The UK's GDPR and PECR Proposals: A Brexit Bonfire of Rights or a Sensible Reform?
17:00 PM - 17:30 PM
This panel will be an open, honest discussion between professionals who either (a) believe that the proposals announced by the Department for Digital.
Culture, Media and Sport will weaken our data protection and privacy rights, or (b) believe Brexit offers opportunities for divergence from EU law and that these will not unduly tip the balance too far in favour of data controllers.
17:30 PM - 17:40 PM