2022 Title

The 4th Annual Data Privacy Conference USA will take place in Washington D.C. on September 14th 2022 and gather thought leaders, legislators, the public and private sectors, and civil society representatives to discuss the most topical and timely issues relating Data Privacy in the US.

This event will take place in-person only. Registration is now open and free for all attendees.

Themes

Privacy and Competition: a complex interplay

Adapting to a shifting data privacy landscape

Creating synergies with global data protection regimes

Child Privacy in the Digital Space: Protection and Empowerment

Lawful access to data and privacy considerations

Privacy in the Metaverse: what does the future hold?

The 4th Annual Data Privacy Conference

Speakers

Senator Markey

Senator
Ed Markey

US Senator for Massachusetts
US Senate

Suzan Delbene 240

Suzan DelBene

US Congresswoman
United States House of Representatives

Sally Hubbard 240

Sally Hubbard

Senior Counsel to the Assistant Attorney General
Department of Justice

Peter Winn 240

Peter A.Winn

Acting Chief Privacy and Civil Liberties Officer
Department of Justice

Ronnie Solomon 240

Ronnie Solomon

Attorney, Division of Privacy and Identity Protection
Federal Trade Commission

cameron 240

Cameron F. Kerry

Distinguished visiting fellow, Center for Technology Innovation
Brookings Institution

George Solver 240

George Slover

General Counsel, & Senior Counsel for Competition Policy
Center for Democracy & Technology

Jim Siegl 240

Jim Siegl

Senior Technologist, Youth & Education Privacy
Future of Privacy Forum

Lourdes 240

Lourdes Turrecha

Founder and Chief Privacy Tech Evangelist
The Rise of Privacy Tech

Jane Bambauer 240

Jane Bambauer

Professor of Law
University of Arizona

Will Duffield 240

Will Duffield

Policy Analyst
Cato Institute

Willmary Escoto

Willmary Escoto

U.S. Policy Analyst
Access Now

Dan Caprio

Dan Caprio

Co-Founder
The Providence Group

Jonathan Litchman

Jonathan Litchman

Co-Founder
The Providence Group

Ashley Johnson 240

Ashley Johnson

Senior Policy Analyst
Information Technology and Innovation Foundation

Agenda

Data Privacy has become an increasingly pressing concern for individuals in the USA and globally these past few years, as digital technologies have proliferated throughout our lives while numerous, sometimes wide-scale, cases of data breaches and misuses have continued to make the headlines. The huge socio-economic benefits of these technologies are however manyfold, and it is therefore essential that regulation does not impede the endless opportunities they can deliver. Trust, transparency, and accountability are central to the discussions being held around data privacy in the US and will be the core themes of Forum Global’s 4th Annual Data Privacy Conference USA.

The recent circulation of the bipartisan and bicameral‘ American Data Privacy and Protection Act’ represents a significant step forward to establish national data privacy protections with the proposed law striking compromises on a series of major sticking point and being the first privacy bill to be made available for a full House vote. Time is of the essence however, to get a federal framework across the finish line during the 117th Congress. In this context, and while States legislators, the FTC and the tech industry itself continue to respond to privacy challenges, this event will gather top level US and global data privacy experts, policymakers, industry leaders and civil society to explore the US’s response to a dynamically evolving data privacy landscape.

Sessions at this event will explore how businesses and consumers can best adapt to continuously changing privacy requirements, methods and expectations ahead of the potential enactment of the ADPPA or any other future federal rulebook on privacy, will examine the inextricable link between data privacy and competition regulations in the platform economy, and will assess how synergies between different data protection regimes internationally can be developed to create a more coherent transnational approach to regulation. Specific themed sessions will debate issues relating to child privacy, lawful access to data – including but not limited to the implications of the Supreme Court’s decision to overturn Roe v Wade- and the future of privacy as emerging technologies, such as AI and the metaverse, develop. A common thread throughout the discussions will explore how the ADPPA balances the protection of individuals and the promotion of positive innovation with regards to the issues covered.

*** Times are listed in ET ***

Data Privacy Conference
2022-09-14
08:50 - 09:30
Welcome and Keynote Speeches
09:30 - 10:40
Session 1: Adapting to a shifting data privacy landscape: From Compliance and Beyond

While latest efforts in Congress have recently resulted in the circulation of the bipartisan and bicameral ADPPA which finds compromise on the two main stumbling blocks to a federal rulebook on privacy – time is running out for the bill to meaningfully advance this year. In the current absence of a federal privacy framework and with 5 states having already enacted their own privacy laws (and many more likely to follow suit) and while the FTC continues to consider rule-making procedures, organizations across the country are still currently faced with obligations to comply with different competing and potentially contradictory data privacy regimes as well as with industry-specific privacy regulations.  This leads to consumers’ confusion, high compliance costs and creates corporate governance challenges. In order to achieve best levels of data protection, privacy advocates argue that companies should take a more proactive stance towards data privacy now, by incorporating data security and privacy into an overall risk management framework, developing flexible compliance mechanisms and privacy-by-design strategies, as well as adopting Privacy-Enhancing Technologies (PETs), so that they can adapt to a constantly changing regulatory environment. This session will discuss what can be done by organizations of all sizes and all sectors to prepare for future compliance and develop risk management programs with built-in flexibility. It will explore whether tools and recommendations that are being deployed are enough to give businesses and public organizations appropriate support and guidance and will also examine the impact that technology itself can have by exploring the role of PETs. Finally, it will analyze the extent to which the circulation of the American Data Privacy and Protection Act sets the stage for continued discussions on a federal privacy framework even if Congress does not act on it this session.

Possible questions:

  • What impact has the proliferation of different data protection rules in various states had on businesses of all sizes and sectors?
  • What would an FTC rulemaking process mean for tech and non-tech businesses? What are the benefits and limitations of such procedure for privacy regulation compared to legislation, for both industry and consumers?
  • If a federal privacy framework is not enacted this year, what lessons can be drawn from the bipartisan negotiations held in Congress these past few months culminating in the release of the ADPPA?
  • What can organizations do now to ensure compliance with current regulations while preparing for future requirements in the context of a shifting data privacy landscape? What tools and support are available to them to create the competency to become, and stay compliant, in an era where disruptive technologies are constantly evolving? To what extent can privacy and security be integrated into all aspect of business processes, and how can compliant and adaptable data privacy systems be created? To what extent can this prove becoming a strong competitive advantage in the future and create new business models?
  • How can principles such as fairness, transparency, accountability and explainability truly be operationalised?
  • How does the use of PETs help organizations get the value from their data while addressing data privacy and security concerns?
  • What does compliance currently look like for smaller businesses, and what does this mean for competition and innovation? How can it be ensured that startups and innovators do not end up closed off from a complex framework? Should different regimes exist for organizations of different sizes? 
Session 1: Adapting to a shifting data privacy landscape: From Compliance and Beyond image
Ronnie Solomon
Attorney, Division of Privacy and Identity Protection · Federal Trade Commission
Session 1: Adapting to a shifting data privacy landscape: From Compliance and Beyond image
Lourdes Turrecha
Founder and Chief Privacy Tech Evangelist, The Rise of Privacy Tech
10:40 - 11:00
Coffee Break
11:00 - 12:10
Session 2: Privacy and Competition: a complex interplay

The collection and use of personal data are at the core of business models and innovation in today’s data economy. However, in the absence of federal data privacy rules and of common transparency requirements, individuals have limited control as to how their data is collected, used and shared. As the data explosion has largely benefited and been driven by the private sector, momentum is growing for a deeper analysis which would aim to address the emerging questions around competition, market dominance and enabling innovation to flourish. 

 

This session will explore the complex convergence between the data privacy and competition regulatory spheres, their overlapping objectives, where these regulatory areas complement each other, and what tensions exist. It will discuss the extent to which these issues are appropriately addressed by President Biden’s Executive Order “Promoting Competition in the American Economy” from July 2021 directing the FTC to start a rulemaking process to strengthen consumers’ data privacy, by the various bills being introduced by Congress, and by industry players who continue to take further action to self-regulate by rolling out privacy-focused changes to their services.

 

Possible questions:

  • What specific challenges does data privacy create in the context of competition and antitrust?
  • To which extent well-enforced federal data protection rules could create a level playing field with regards to data collection and access? If a federal privacy law were not to be enacted in the coming years, to what extent could data protection issues be dealt with through antitrust? Is a “cross-disciplinary” approach an appropriate way to address privacy harms?
  • What role can ‘Purpose Limitation’ or the implementation of a specific ‘Legal Basis’ for data use could have in addressing the powerful advantage that a handful of companies have gained from combining and cross-using individuals’ data?
  • What would ‘putting users in control of their data’ concretely look like?
  • How can it be ensured that self-regulatory measures being developed by industry players does not lead to more anti-competitive issues?
  • What is required to create a framework that does not stunt the growth of smaller businesses given the diversity of companies making up the current digital ecosystem?
  • With the focus being mainly directed at Tech giants, how can it be ensured that smaller and non-monopolistic firms that also conduct aggregation of personal information (data brokers, AdTech) are also being considered while avoiding a one-size-fits all approach?
  • What is the perspective of different stakeholders on ‘algorithmic destruction’ as a way to penalize companies for unfair and deceptive data practices?
Session 2:  Privacy and Competition: a complex interplay image
Sally Hubbard
Senior Counsel to the Assistant Attorney General, Department of Justice
Session 2:  Privacy and Competition: a complex interplay image
George Slover
General Counsel, & Senior Counsel for Competition Policy, Center for Democracy & Technology
Session 2:  Privacy and Competition: a complex interplay image
Jane Bambauer
Professor of Law, University of Arizona
12:15 - 13:15
Session 3: Creating synergies with global data protection regimes

It is widely recognized that international data flows underpin the global economy; with organizations of all sizes and across all sectors relying on the free flow of data between countries and markets to improve research, provide innovative services and products across borders and to deliver socio-economic benefits. In recent years, the lack of a US Federal data privacy law along with the continued fragmentation of data protection regimes worldwide have resulted in growing levels of legal uncertainties and associated costs for organizations operating cross-borders.

In this context, this session will discuss the latest developments around the data transfers agreement that are being negotiated between the US and other regions of the world, how these fit with the overall goals of the recent Declaration on the Future of the Internet initiated by President Biden and endorsed by 60 countries, if and how regulatory convergence and synergies with like-minded partners can truly be achieved and what support, in the meantime, is available to businesses and consumers to navigate a complex global data transfer system made up of intertwined data transfer agreements. Significant focus will be given to the new Trans-Atlantic Data Privacy Framework, which is expected to lead to a new Trans-Atlantic agreement addressing the ECJ Schrems II decision; to the Global CBPR Forum developed with APEC and other countries; and to other international efforts such as the Data Free Flow with Trust or the OECD’s work in developing multilateral models for global data flows to create trusted mechanisms and support responsible cross-border data flows across jurisdictions.

 

Possible questions

  • How can global interoperability between privacy laws be achieved in today’s geopolitical context considering that data transfer agreements are both politically and business driven?
  • Are the right provisions included in the new Trans-Atlantic Data Privacy Framework so that a new durable and reliable agreement able to stand any legal challenge can be reached? How does the ADPPA compare with the EU’s GDPR? Beyond political will, can judiciary issues ever truly be solved? What legal status can be expected from the proposed independent Data Protection Review Court and what can be learnt from the failed ‘ombudsperson’ regime?
  • To which extent can the Global CBPR Forum be considered as a solid multilateral model to be applied globally and as an alternative to Europe’s adequacy decision system?
  • To which extent does the work undertaken at OECD level can inform the creation of trusted mechanisms for data flows that facilitate multilateral cooperation?
  • What role can the discussions around Privacy in the global context have on the development of globally agreed standards for data-enabled technologies such as AI?
Session 3: Creating synergies with global data protection regimes image
Cameron F. Kerry
Distinguished visiting fellow, Center for Technology Innovation, Brookings Institution
13:15 - 14:00
Lunch
14:00 - 14:15
Keynote Speech
Keynote Speech image
Suzan DelBene
US Congresswoman, United States House of Representatives
14:15 - 14:25
Session 4 – Keynote Speech: Child Privacy in the Digital Space: Protection and Empowerment
Session 4 – Keynote Speech: Child Privacy in the Digital Space: Protection and Empowerment image
Senator Ed Markey
US Senator for Massachusetts, US Senate
14:25 - 15:15
Session 4 – Panel: Child Privacy in the Digital Space: Protection and Empowerment

In his SOTU address in March 2022, President Biden called for privacy protections for children to be strengthened. While the internet offers children and teenagers a myriad of opportunities for educational, entertainment and social purposes, they have become vulnerable to a range of issues, including but not limited to, privacy infringements, commercial targeting, dark patterns and exposure to harmful content.  Since the Children’s Online Privacy Protection Act (COPPA), which governs the collection of personal information from children under 13 was last updated almost a decade ago, there has been a rapid evolution of data-enabled innovation and business practices changing the way children interact with the online world, leading to recent attempts at modernising, adapting the rules or creating new ones.

 

This session will explore what would constitute a proportionate response to the ongoing and persistent threats to children’s online privacy, considering the confidentiality and fundamental rights issues at stake, while ensuring the quality and variety of online products and services for children, tweens and teens. It will also debate the extent to which rules governing children’s privacy online could inform a future overall Federal Privacy framework.

 

Possible questions:

  • What are the similarities and key differences between the various files introduced at Congress level, including the bipartisan legislation to update COPPA, Kids PRIVCY Act, KOSA?
  • What privacy and data protection safeguards need to be in place in any rules governing children online privacy and safety to avoid risks of abuse, censorship and mass-surveillance?
  • What more can the tech and Edtech industries do to rethink and embed considerations around online child protection in the design, development and deployment of digital products, services and platforms – even if their services are not primarily targeted at children or teenagers?
  • What are the limitations of the existing age-verification processes of users online? 
  • How can transparency around the collection of children’s data as well as the user-friendliness of privacy settings controls for children and parents be improved?
  • What needs to be done to address the challenges posed by digital advertising methods and engagement practices targeted at children?
  • What can be learnt from the privacy implications of the proposed rules in Europe for a legislation to combat CSAM obliging online services providers to monitor their platforms for child abuse content?
Session 4 – Panel: Child Privacy in the Digital Space: Protection and Empowerment image
Jim Siegl
Senior Technologist, Youth & Education Privacy, Future of Privacy Forum
Session 4 – Panel: Child Privacy in the Digital Space: Protection and Empowerment image
Ashley Johnson
Senior Policy Analyst, Information Technology and Innovation Foundation
15:15 - 15:30
Coffee Break
15:30 - 16:30
Session 5: Lawful access to data and privacy considerations

While access to data and ‘electronic evidence’ is deemed vital to facilitate the efficient detection and investigation of crimes and illegal activities as well as the prosecution of offenders, strong data protection safeguards in the context of law enforcement are however equally crucial to guarantee respect for the rule of law, privacy, civil liberties and to ensure citizens’ trust. This session will debate how the right balance can be found between the need for law enforcement authorities to access electronic data to investigate crimes and protect national security with the need to protect citizens’ privacy, civil liberties, and fundamental rights against abuses.

In the wake of the U.S. Supreme Court’s Roe v. Wade reversal and as most digital products have become tracking devices storing information about our movements, searches and communications data that can serve as evidence, it will discuss how important it is for legislators to factor data privacy concerns post-Roe into negotiations over the ADPPA and other proposed federal privacy bills. It will examine the opportunities and challenges brought by the uses of intelligent tech, such as Artificial Intelligence, biometric data and location tracking, for the detection and investigation of illegal activities. Speakers will examine best practices that have been identified for the promotion of privacy protection and transparency in connection with law enforcement activities and will debate the encryption conundrum. They will also explore how cooperation between law enforcement agencies, the judiciary, tech organizations and other stakeholders can concretely be enhanced, both at US level and with international partners, while supporting individuals’ fundamental rights.

 

Possible questions:

  • How can the balance be found between companies having to guarantee data security, privacy to preserve their users’ trust and the ability for law enforcement agencies to monitor and track criminal activities? How can organizations best engage with law enforcement effectively and how can cross-sector cooperation be enhanced in this area?
  • To which extent do the provisions of the ADPPA and other proposed bills protect against the specific privacy threats in a post Roe world, where location, search and call data can help creating a digital footprint that can serve as evidence?
  • What needs to be done to keep policymakers looking at crafting legislation in this area as informed as possible on best practices so that the framework adequately ensures fundamental rights?
  • What existing tools are available to law enforcement agencies for cyber and data forensics?
  • Can the encryption conundrum ever be solved?
  • What opportunities and challenges do the emergence of technologies enabling the collection, analysis and use of location tracking, biometrics information for investigations, AI, predictive policing and the use of drones, bring and what is being concretely done to address these challenges? 
  • How can the principles of transparency and proportionality be successfully applied in the context of law enforcement?
  • As police agencies worldwide face difficulties investigating crime when the data is stored in other countries, how can issues relating to the US Cloud Act successfully be addressed as part of the going negotiations for a new EU-US Privacy Shield?
Session 5: Lawful access to data and privacy considerations image
Peter A. Winn
Acting Chief Privacy and Civil Liberties Officer, US Department of Justice
Session 5: Lawful access to data and privacy considerations image
Willmary Escoto
U.S. Policy Analyst, Access Now
Session 5: Lawful access to data and privacy considerations image
Dan Caprio
Co-Founder, The Providence Group
16:30 - 17:30
Session 6 – Privacy in the Metaverse: what does the future hold?

By creating an immersive digital universe where users can socialize, undertake collaborative work, shop, travel and attend cultural activities, the metaverse has the potential to unleash an exciting and inclusive new world of enriching experiences and innovative business opportunities. Combining virtual elements with physical space in real time and powered by data-intensive technologies, this hybrid reality can be highly personalized. Cameras, sensors, biometric and haptic technologies in combination with the use of AI will vastly increase the amount of data collected and used to monitor habits, preferences and even physiological responses allowing organizations to gain deeper insights and understanding of users’ behaviors to tailor experiences and products in an extraordinarily targeted way. The concept of data privacy in this hybrid context takes on another dimension with many questions regarding this continuous, in-real time data-collection arising.

 

This session will analyze the security risks and privacy concerns that are expected to be amplified in the metaverse, and how these concerns are being addressed by or diverge from existing policy and regulations about data and consumer protection.  It will also ask how this emerging technology could impact our social and legal understandings of privacy and alter the concept of a ‘Redefining Reasonable Expectations of Privacy’ which is tied to Fourth Amendment protections in the US. Comparing the centralized and decentralized metaverses, it will explore the benefits and risks associated with each model and will consider what privacy might look like in either case. Finally, the discussion will focus on the role of self-regulation, collaboration and standard-setting activities to address privacy issues before the adoption of the technology by individuals, businesses and government becomes more widespread.

 

Possible questions:

  • How do current privacy and consumer protection regimes apply to the metaverse? What are the limits to currently-existing rules and regulations around privacy and consumer protection and how would they need to evolve to allow for the benefits of the technology while addressing the risks and promoting accountability measures?
  • What will data ownership and notice-and-consent look like in centralized and decentralized metaverses? What role with the intermediary platforms play in a centralized scenario, and what decentralized solutions exist to give users greater privacy and more control over their personal data?
  • Are metaverse-specific security and privacy standards needed to ensure interoperability and seamless movement between metaverses, or are existing ones enough? To what extent can voluntary practices and codes of conduct address privacy concerns in the context of the metaverse appropriately considering the risks involved?
  • How can the involvement of all stakeholder groups in the development and deployment of the technology be ensured so that it is built with transparency, inclusiveness, and empowerment at its core?
Session 6 – Privacy in the Metaverse: what does the future hold? image
Will Duffield
Policy Analyst, Cato Institute
Session 6 – Privacy in the Metaverse: what does the future hold? image
Jonathan Litchman
Co-Founder, The Providence Group
Select date to see events.

Sponsorship opportunities

To discuss sponsorship and visibility opportunities at the 2022 Data Privacy Conference USA, please contact Anne-Lise Simon on [email protected] / +44 (0) 2920 783 023

Check

Exclusive speaking positions | Your organisation can contribute to the discussion.

Check

Engaging and Interactive format | Engage in a fully immersive and interactive debate with decision makers, businesses and policymakers.

Check

US and global outreach | Convey your message to a broad and international audience.

Check

Networking opportunities | Connect with your fellow attendees during coffee and lunch breaks throughout the event.

Check

Visibility Opportunities | Ensure maximum visibility through branding in the room, on the event website and marketing activities.

Check

Exhibition and demos area | Showcase your products and solutions or share a position paper with the audience.

Sponsors & Partners

ACT The App Association
AT&T
MSFT logo for ws
Providence Group
Encompass

Practical Information

Venue:

National Press Club
529 14th St NW
Washington, DC 20045
United States

For your health & safety:

The National Press Club requires you to provide a proof of vaccination and photo ID to enter the premises. Please ensure you have these with you in order to attend the conference.

Effective March 1st, 2022, the National Press Club updated their mask policy from “Masks Required” to “Masks Recommended”. 

Touchless hand sanitizer dispensers are located around the venue for your use. 

For further information about proof of vaccination requirements and the National Press Club’s safety measures, please visit their website

Contact:

For more information on any aspect of this event, please contact Anne-Lise Simon using any of the details below.

Anne-Lise Simon
Director | Head of Event Planning & Coordination
Forum Global
[email protected]
Tel: +44 (0) 2920 783 023

Receive our event updates:

Sign up to receive updates on our upcoming policy events. We will only send you emails about the conferences and topics that interest you, and you can unsubscribe at any time.