This event will take place in-person only, with limited places. Registration is now open for application!

The 5th Annual Data Privacy Conference USA will once again gather top-level political and industry leaders, data privacy experts, legislators, regulators, and civil society to explore the US’s response to a dynamically evolving data privacy landscape. The event will examine the current state of data privacy legislation in the US, highlight what can be expected in the medium term, and debate the current outlook for businesses and consumers alike. As the US data privacy landscape develops, so does the global outlook. The conference will discuss how cooperation between different regions of the world can be deepened to promote the free flow of data, including an update on the EU-US Data Protection Framework. Speakers will also explore how the tension between the protection of individuals against the harmful effects of data collection and the promotion of positive innovation can be solved in the context of the deployment of AI technologies, and of the use of health and children’s data.

 

The 5th Annual Data Privacy Conference USA will once again gather top-level political and industry leaders, data privacy experts, legislators, regulators, and civil society to explore the US’s response to a dynamically evolving data privacy landscape. The event will examine the current state of data privacy legislation in the US, highlight what can be expected in the medium term, and debate the current outlook for businesses and consumers alike. As the US data privacy landscape develops, so does the global outlook. The conference will discuss how cooperation between different regions of the world can be deepened to promote the free flow of data, including an update on the EU-US Data Protection Framework. Speakers will also explore how the tension between the protection of individuals against the harmful effects of data collection and the promotion of positive innovation can be solved in the context of the deployment of AI technologies, and of the use of health and children’s data.

 

Themes

The US data privacy and security legislative landscape

The US Data Privacy and Security legislative landscape

Enabling cross-border data flows

Enabling Cross-border Data Flows

Data privacy protections to build trust and confidence in AI

Data Privacy Protections to build Trust and Confidence in AI

Protecting children privacy and online safety

Protecting Children's Privacy and Online Safety

Data privacy in healthcare

Data Privacy in Healthcare

The 5th Annual Data Privacy Conference

Speakers

Suzan Delbene

Suzan DelBene

US Congresswoman
United States House of Representatives

*Virtual

Senator Markey

Senator
Ed Markey

US Senator for Massachusetts
US Senate

*Pre-recorded speech

Peter Winn 240

Peter A.Winn

Acting Chief Privacy and Civil Liberties Officer
Department of Justice

Shannon Coe

Shannon Coe

Director of Global Data Policy
US Department of Commerce

Ronnie Solomon

Ronnie Solomon

Attorney, Division of Privacy and Identity Protection
Federal Trade Commission

Lindsay

Lindsey Barrett

Telecommunications Policy Analyst
NTIA

cameron 240

Cameron F. Kerry

Distinguished visiting fellow, Center for Technology Innovation
Brookings Institution

Ralf Sauer

Ralf Sauer

Deputy Head of Unit – Data Flows and Protection, DG JUSTICE
European Commission

*Virtual

Audrey Plonk

Audrey Plonk

Head of Digital Economy Policy Division – Directorate for Science, Technology and Innovation
OECD

*Virtual

George Solver 240

George Slover

General Counsel, & Senior Counsel for Competition Policy
Center for Democracy & Technology

Jim Siegl 240

Jim Siegl

Senior Technologist, Youth & Education Privacy
Future of Privacy Forum

Maureen O

Maureen K. Ohlhausen

Section Chair – Antitrust & Competition Law, Partner
Baker Botts

Stacy Feuer

Stacy Feuer

Sr. Vice President, Privacy Certified
ESRB

Lourdes 240

Lourdes Turrecha

Founder and Chief Privacy Tech Evangelist
The Rise of Privacy Tech

Jane Bambauer 240

Jane Bambauer

Professor of Law
University of Arizona

*Virtual

Matthew Reisman

Matthew Reisman

Director, Global Privacy Policy
Microsoft

Aaron Cooper

Aaron Cooper

Vice President, Global Policy
BSA | The Software Alliance

Evangelos Razis

Evangelos Razis

Senior Manager for Public Policy
Workday

John Miller

John Miller

Senior Vice President of Policy and General Counsel
ITI

Will Duffield 240

Will Duffield

Policy Analyst
Cato Institute

Robert Litt

Robert S. Litt

Of Counsel & Co-Chair
Morrison Foerster

1550671476203

Willmary Escoto

U.S. Policy Analyst
Access Now

Haley Hinkle

Haley Hinkle

Policy Counsel
Fairplay

Tani

Tani Olhanoski

CEO & co-founder
Mysilio

*Virtual

Shane Tews

Shane Tews

Nonresident Senior Fellow
The American Enterprise Institute

Iain Corby

Iain Corby

Executive Director
The Age Verification Providers Association

Jay

Jay Banerjee

COO
ImmersiveTouch

Sara Collins 240

Sara Collins

Senior Policy Counsel
Public Knowledge

Paul Martino

Paul Martino

Vice President & Senior Policy Counsel
National Retail Federation

Ryan Nabil

Ryan Nabil

Research Fellow
Competitive Enterprise Institute

Dan Caprio

Dan Caprio

Co-Founder
The Providence Group

Jonathan Litchman

Jonathan Litchman

Co-Founder
The Providence Group

Jonathan Cannon

Jonathan Cannon

Policy Counsel, Technology and Innovation
R Street

Andrew zack

Andrew Zack

Policy Manager
Family Online Safety Institute

Agenda

To address the risks and challenges associated with personal-data-enabled technologies, a comprehensive federal privacy law has been several years in the making in the US, culminating with the introduction of the ADPPA in 2022, which failed to pass in the last Congress. As the drive behind the legislation remains, the bill is expected to be re-introduced this year *(at the time of writing) with possible significant changes to reach full bi-partisan agreement. In the meantime, data privacy laws of varying scope have continued to be implemented at State level, with many more expecting to follow suit, adding to the patchwork of competing and potentially contradictory data protection rules across the country. Against this backdrop, the FTC also continues to consider privacy rulemaking to design a harmonised data privacy framework that would enhance trust by granting data subjects explicit protections and provide regulatory certainty to businesses. This context will serve as the main thread of the discussions held on the day, reflected in the below agenda.

*** Times are listed in ET ***

Data Privacy Conference
2023-09-19
08:55 - 09:00
Welcome by Forum Global
09:00 - 10:50
Session 1: The US Data Privacy and Security legislative landscape: What’s next?

Despite some much-anticipated progress towards advancing the ADPPA in 2022, Congress’s efforts to pass a comprehensive bipartisan privacy bill are still stalling (*at time of writing), while states continue to take the lead by introducing and passing various comprehensive or sectoral privacy laws. The FTC, in the meantime, continues to deliberate over what is next beyond its ANPR on commercial surveillance and data security.

 

Following the keynote session, and serving as an introduction to the rest of the day’s discussions, this panel will dive deeper into an analysis of the current state of data protection regulatory initiatives in the US and debate what this landscape means for individuals, tech, and non-tech businesses, including SMBs. It will explore the convergence and divergence of state laws enacted or introduced recently with one another (including narrower state laws governing specific forms or uses of data) as well as what is being considered at Congress and FTC levels. In this context, the panel will highlight the need for organizations to develop comprehensive data frameworks that consider data privacy and security concepts as well as human and technical elements to ensure better compliance with existing and possible future rules, increase individual trust, and reduce the risk of data breaches. This discussion will explore best practices and touch upon the interlink between cybersecurity and data privacy and the need to balance compliance, risk management, and effective business operations.

 

 

  • What are the key similarities and differences between recently enacted and introduced state privacy laws, and how do they compare with obligations included in the ADPPA framework?
  • What are some of the best practices for building data privacy programs that comply with different (and sometimes overlapping) privacy requirements while allowing for new rules in the future, including laws governing specific and narrower forms or uses of data? How can businesses ensure that their privacy programs are forward-thinking and agile enough to address future privacy laws, the constant emergence of new technologies and the continuously evolving threat landscape?
  • How can businesses embed the principles of collection limitation, data minimization, purpose specification, and privacy-by-design in their operations, and what role can technological innovation play?
  • To what extent should different levels of data protection based on the sensitivity and risk of each type of data exist? 

 

Keynote Speeches
Panel
10:50 - 11:20
Coffee Break
11:20 - 11:35
Keynote Speech
11:35 - 12:55
Session 2: Encouraging the interoperability of data governance systems globally to enable cross-border data flows

As the US Data Privacy landscape evolves, so does the global outlook. With several countries and regions implementing different data protection and privacy frameworks, there is a risk that contrasting data governance regimes further complicate the free flow of data globally, which is crucial to the functioning of the global digital economy and trade. The Executive Order issued by President Biden, expanding privacy protections for data transferred between the United States and Europe, is still going through an ‘adequacy determination’’ by the EU (*at time of writing); the CBPR Forum is welcoming participation from interested jurisdictions worldwide following the release of the Global CBPR Framework and its Terms of Reference; the OECD member countries have signed a Declaration on Government Access to Personal Data Held by Private Sector Entities aimed at facilitating government access to personal data held by businesses for law enforcement purposes; and the G7 Digital Ministers recently reaffirmed their support for the Data Free Flow with Trust system. Taking all these initiatives into account, this panel will discuss how efficient these are, how multilateral cooperation to boost the free flow of data can be further promoted, and if a trusted, interoperable global governance system that enables cross-border data flows can genuinely be achieved so that citizens and businesses across the world can fully participate in the digital economy and harness socio-economic opportunities.

 

  • What is the latest on the EU-US Data Privacy Framework, given the significant caveats put forth by the EDPB and the European Parliament*? To what extent do the EO’s safeguards and redress mechanism provisions appropriately address the issues raised by the CJEU, and would the new framework withstand another challenge in the courts? What is being done to ensure the EU offers reciprocal legal remedies to American citizens? 
  • To what extent can the Global CBPR Framework be considered a solid alternative to the GDPR as a global benchmark for privacy standards worldwide? 
  • To what extent can the work undertaken by the Global CBPR and the OECD’s declaration on trusted government access to data inform the next steps for the DFFT initiative? 
  • How can interoperability, rather than strict equivalence, be further encouraged between national and regional data governance systems to improve trust between trading partners?
  • What support is given to global businesses that must comply with multiple data privacy laws around the globe, especially given the current economic context?

 

12:55 - 14:00
Lunch
14:00 - 14:15
Keynote Speech
14:15 - 15:30
Session 3: Reaching effective data privacy protection to build trust and confidence in AI

As AI systems become more ubiquitous in our lives, it is crucial that the personal and sensitive data collected to train algorithms isn’t used in the wrong context and that organizations understand the risks associated with using the technology, so that they take the necessary steps to protect consumers’ privacy. While the current headlines primarily focus on the risks linked to generative AI, it is essential to remember that the socio-economic benefits of data-enabled technologies such as AI are manifold, providing organizations with valuable insights to improve products, services, research and address socio-economic challenges. It is, therefore, essential that data-related regulations do not impede the endless opportunities it can deliver but encourage the deployment of AI technologies in ethical ways, protect privacy, eliminate bias and promote fairness and equity in line with core U.S. values.

 

This session will focus on the power of personal data in delivering data-enabled intelligent technologies for the interest of society as a whole and the challenges involved by discussing the complex interplay between data, AI, privacy, and the protection of civil rights against possible harmful automated decision-making. It will explore the potential of PETs to drive positive change while protecting privacy during the collection, processing, analysis, and sharing of data and to ultimately build trust with the public to empower them to participate in a data economy that benefits society equitably. Speakers will discuss the latest initiatives and regulatory work undertaken in these areas, such as the AI Bill of Rights released by the White House in October 2022; NIST’s Artificial Intelligence Risk Management Framework, the OSTP’s National Strategy to Advance Privacy-Preserving Data Sharing and Analytics; NTIA’s recent AI Accountability Request for Comment; the FTC’s guidance on algorithmic bias; and ask how technical, legal, and policy experts can collaborate to shape a US strategy and policies on data and AI that balance the tension between the protection of individuals against harmful effects and the promotion of positive innovation,

  • As AI systems rely on the availability and accessibility to large amounts of data – sometimes personal and highly sensitive data – how can it be ensured that enough data, representative of all groups of society, is available to accurately train AI systems while simultaneously preserving data privacy and avoid bias, discriminatory or unfair outcomes? 
  • What role can PETs play, and to what extent can they help uphold commitments to equity, transparency, and accountability? What needs to be done to accelerate their uptake? What could a future data ecosystem that effectively incorporates PETs look like?
  • How can principles such as fairness, transparency, accountability, equity and explainability (all included in the White House AI Bill of Rights) truly be operationalized for commercial and government use? 
  • Does the lack of a comprehensive federal privacy law undermine the possible advancement of responsible artificial intelligence-based technologies? To what extent do the discussions around AI regulation differentiate non-personal data from personal data and non-sensitive data from sensitive data?
  • What can be done to build confidence and empower citizens to access, manage and share their data with private and public organisations to bring unprecedented benefits to broader society?

 

15:30 - 15:45
Coffee Break
15:45 - 16:00
Keynote Speech
16:00 - 16:45
Session 4: A Focus on Protecting Children’s Privacy and Online Safety

Children’s data privacy has moved to the forefront of the legislative and regulatory agenda. President Biden has repeated calls for broader data privacy protection and stricter limits on companies collecting personal data, with a total prohibition on targeted advertising to children; the FTC’s enforcement efforts on children’s privacy through COPPA have intensified, and the agency has questioned whether commercial surveillance practices harm minors in its ANPR; several bills have been introduced in Congress to improve children privacy and online safety standards (including the recently-reintroduced KOSA), and States have taken action to create comprehensive children’s privacy and social media safety laws, prompted by the California Age-Appropriate Design Act.

 

As momentum around minor’s privacy is building, and with children’s privacy and safety intrinsically interlinked, this panel will explore the current state of children’s online protections in the US as well as the challenges faced by parents, educators, the tech industry, and policymakers to protect young people when considering both the direct and indirect risks of data collection, algorithmic amplification, and dark patterns. Panelists will examine how technology can be both a tool for protection and risk to privacy with a focus on age-verification tools and the privacy implications linked to this solution and will analyze how best practices such as parental control tools, privacy education for children and parents, and responsible data collection be optimized.

 

  • To what extent do the various bills introduced at State and Federal levels adequately protect young people’s privacy and shield them from online harms? Will real change come from children-specific data privacy laws or a broader comprehensive federal law similar to ADPPA?
  • With new rules, such as the California Age-Appropriate Design Code, requiring platforms to assess possible harm to children before rolling new products out and to expand their default privacy settings, how can businesses embed the privacy-by-design and privacy-by-default principles into the designs of their latest products and solutions, especially if they don’t think of themselves as doing business with children? Shouldn’t these rules apply to all users, regardless of their age? 
  • What are the benefits and drawbacks of age verification solutions and encryption?
  • What does current enforcement look like for the protection of children’s privacy, and what can be expected in the future from the FTC to regulate further the collection, use, sharing, and retention of children’s data and the security requirements linked to this, as new technologies such as the metaverse and natural language processing tool driven by AI technology emerge?

 

16:45 - 17:30
Session 5: A Focus on Data Privacy in Healthcare

Using personal data in healthcare can bring numerous benefits, including improved patient outcomes, enhanced medical research for treatments and cures, and better public health. With the increasing amount of patient information being generated, collected and shared, and with several tech companies attempting to enter the healthcare market, the benefits of using personal data for improved healthcare outcomes must be balanced with the need to protect patient privacy and ensure that data is used ethically and responsibly. With HIPAA being nearly three decades old, the law does not cover health data collected by health apps, web searches, wearables and other technologies that have boomed in recent years, creating a gap in patient protections. This session will discuss how the privacy of patients can be improved while enabling healthcare providers and the tech industry to deliver the promise of data-enhanced healthcare. It will explore the scope, benefits, and limits of HIPAA and the extent to which new safeguards are needed for Americans’ health data. It will examine how healthcare providers, patient groups, the tech industry, researchers and policymakers can work together to mitigate the risks linked to using sensitive medical data.

 

  • What are the potential consequences of data breaches and cyber attacks on healthcare systems, and how can healthcare providers, the tech industry and policymakers mitigate these risks?
  • In the absence of a comprehensive federal privacy law, how can health data falling outside the scope of HIPAA be protected? To what extent does HIPAA need to be updated to account for the evolution of emerging technologies and data management tools, or are brand new rules covering the privacy protections of health data required? What is being done at the state level?
  • How can patients’ trust in using their medical data be enhanced? What are the latest trends and innovations in data privacy in healthcare, and how can these be leveraged to improve patient outcomes?

 

Select date to see events.

Sponsorship opportunities

To discuss sponsorship and visibility opportunities at the 2023 Data Privacy Conference USA, please contact Anne-Lise Simon on [email protected] / +44 (0) 2920 783 023

checked

Exclusive speaking positions | Your organization can contribute to the discussion.

checked

Engaging and Interactive format | Engage in a fully immersive and interactive debate with decision makers, businesses and policymakers.

checked

US and global outreach | Convey your message to a broad and international audience.

checked

Networking opportunities | Connect with your fellow attendees during coffee and lunch breaks throughout the event.

checked

Visibility Opportunities | Ensure maximum visibility through branding in the room, on the event website and marketing activities.

checked

Exhibition and demos area | Showcase your products and solutions or share a position paper with the audience.

Past Sponsors Include...

ACT The App Association
AT&T
acxiom
Active Navigation
BSA
FACEBOOK
IEEE
Internet association
ITI-logo_vertical
kinesso
liveramp
NortonLifeLock
OneTrust
palantir
SIIA
US Chamber of commerce
Workday
Providence Group
ACT The App Association
AT&T
acxiom
Active Navigation
BSA
FACEBOOK
IEEE
Internet association
ITI-logo_vertical
OneTrust
palantir
SIIA
US Chamber of commerce
Workday
Providence Group

Sponsors & Partners

ACT The App Association
AT&T
BSA
ITI-logo_vertical
MSFT logo for ws
Workday
Providence Group
Encompass

Social Media

Let your network know you’re attending this year’s conference by sharing the below graphic on social media. Don’t forget to use the event hashtag #DataUSA22

Practical Information

Venue:

National Press Club
529 14th St NW
Washington, DC 20045
United States

Contact:

For more information on any aspect of this event, please contact Anne-Lise Simon using any of the details below.

Anne-Lise Simon
Director | Head of Event Planning & Coordination
Forum Global
[email protected]
Tel: +44 (0) 2920 783 023

#DataUSA23

Receive our event updates:

Sign up to receive updates on our upcoming policy events. We will only send you emails about the conferences and topics that interest you, and you can unsubscribe at any time.