This event will take place in-person only, with limited, free-of charge places. Registration is now open for application!

The 5th Annual Data Privacy Conference USA will once again gather top-level political and industry leaders, data privacy experts, legislators, regulators, and civil society to explore the US’s response to a dynamically evolving data privacy landscape. The event will examine the current state of data privacy legislation in the US, highlight what can be expected in the medium term, and debate the current outlook for businesses and consumers alike. As the US data privacy landscape develops, so does the global outlook. The conference will discuss how cooperation between different regions of the world can be deepened to promote the free flow of data, including an update on the EU-US Data Protection Framework. Speakers will also explore how the tension between the protection of individuals against the harmful effects of data collection and the promotion of positive innovation can be solved in the context of the deployment of AI technologies, and of the use of health and children’s data.

 

The 5th Annual Data Privacy Conference USA will once again gather top-level political and industry leaders, data privacy experts, legislators, regulators, and civil society to explore the US’s response to a dynamically evolving data privacy landscape. The event will examine the current state of data privacy legislation in the US, highlight what can be expected in the medium term, and debate the current outlook for businesses and consumers alike. As the US data privacy landscape develops, so does the global outlook. The conference will discuss how cooperation between different regions of the world can be deepened to promote the free flow of data, including the latest on the newly agreed EU-US Data Protection Framework. Speakers will also explore how the tension between the protection of individuals against the harmful effects of data collection and the promotion of positive innovation can be solved in the context of the deployment of AI technologies, and of the use of health and children’s data.

 

Themes

The US data privacy and security legislative landscape

The US Data Privacy and Security legislative landscape

Enabling cross-border data flows

Enabling Cross-border Data Flows

Data privacy protections to build trust and confidence in AI

Data Privacy Protections to build Trust and Confidence in AI

Protecting children privacy and online safety

Protecting Children's Privacy and Online Safety

Data privacy in healthcare

Data Privacy in Healthcare

The 5th Annual Data Privacy Conference

Speakers

Cathy McMorris Rogers

Cathy McMorris Rodgers

Chair of the House Energy and Commerce Committee
US House of Representatives

*Via pre-recorded video message

 

Marsha Blackburn

Senator Marsha Blackburn

Ranking Member of the Subcommittee on Consumer Protection, Product Safety, and Data Security
US Senate

Mason Clutter

Mason C. Clutter

Chief Privacy Officer
U.S. Department of Homeland Security

 

Katy Ruckle 240

Katy Ruckle

Chief Privacy Officer
Washington State

Jared Solomon 240

Jared Solomon

Delegate
State of Maryland

Melanie Rainer 240

Melanie Fontes Rainer

Director of the Office for Civil Rights
U.S. Department of Health and Human Services

Elham Tabassi 240

Elham Tabassi

Associate Director for Emerging Technologies, Information Technology Laboratory
NIST

Untitled design (13)

Elisa Jillson

Attorney, Division of Privacy and Identity Protection, Bureau of Consumer Protection FTC

Loyaan Egal 240 NEW

Loyaan A. Egal

Chief of the Enforcement Bureau and leader of the Privacy and Data Protection Task Force
Federal Communications Commission

Untitled design (14)

Alex Greenstein

Director, Privacy Shield
US Department of Commerce

Untitled design (15)

Andrew Hasty

Attorney, Division of Privacy and Identity Protection, Bureau of Consumer Protection
FTC

Travis Hall 240

Travis Hall

Acting Deputy Associate Administrator, Office of Policy Analysis and Development (OPAD)
NTIA, U.S. Department of Commerce

cameron 240

Cameron F. Kerry

Distinguished visiting fellow, Center for Technology Innovation
Brookings Institution

Morgane Dose

Morgane Donse

Deputy Director International Data Flows
UK Government

Evangelos Razis

Evangelos Razis

Senior Manager of Public Policy
Workday

Untitled design (16)

Jordan Crenshaw

Senior Vice President
C_TEC, U.S. Chamber of Commerce

Untitled design (18)

Denise Tayloe

CEO & Co-Founder Privo

Ben Brook

Ben Brook

CEO & Co-Founder
Transcend

Morgan Reed 240

Morgan Reed

President
ACT | The App Association

 

Paula Bruening 240

Paula Bruening

Founder and Principal
Casentino Strategies LLC

 

Stu Ingis 240

Stu Ingis

Chairman and co-chair of the eCommerce, Privacy, and Cybersecurity Group
Venable

 

Divya Sridhar 240

Divya Sridhar, Ph.D.

Director of Privacy Initiatives
BBB National Programs

 

Thomas George 240

Thomas George

Practice Lead
Data Science
Vidoori

 

William Sweeney 240

William Sweeney

Founder and Managing Partner
Zaviant

 

Zaid (1)

Zaid A. Zaid

Director, 
Head of U.S. Public Policy
Cloudflare

Sreedhar Rao 240

Sreedhar Rao

Lead Volunteer, Digital Privacy Initiative
IEEE

 

NEW Alan Butler 240

Alan Butler

Executive Director and President
EPIC

Untitled design (17)

Gabriela Zanfir-Fortuna

Vice President for Global Privacy
Future of Privacy Forum

Sarah Myers West

Sarah Myers West

Managing Director
AI Now Institute

Jason Kelley 240

Jason Kelley

Activism Director
Electronic Frontier Foundation

 

Brandon Pugh

Brandon J. Pugh, Esq.

Director, Cybersecurity and Emerging Threats
R Street Institute

 

Ashley Johnson 240

Ashley Johnson

Senior Policy Analyst
Information Technology and Innovation Foundation

 

Cobum Zweifel Keegan 240

Cobun Zweifel-Keegan

Managing Director, Washington, D.C.
International Association of Privacy Professionals

 

Dan Caprio

Dan Caprio

Chairman & Co-Founder
The Providence Group

 

Agenda

To address the risks and challenges associated with personal-data-enabled technologies, a comprehensive federal privacy law has been several years in the making in the US, culminating with the introduction of the ADPPA in 2022, which failed to pass in the last Congress. As the drive behind the legislation remains, the bill is expected to be re-introduced this year *(at the time of writing) with possible significant changes to reach full bi-partisan agreement. In the meantime, data privacy laws of varying scope have continued to be implemented at State level, with many more expecting to follow suit, adding to the patchwork of competing and potentially contradictory data protection rules across the country. Against this backdrop, the FTC also continues to consider privacy rulemaking to design a harmonised data privacy framework that would enhance trust by granting data subjects explicit protections and provide regulatory certainty to businesses. This context will serve as the main thread of the discussions held on the day, reflected in the below agenda.

*** Times are listed in ET ***

Data Privacy Conference
2023-09-19
08:55 - 09:00
Welcome by Forum Global
09:00 - 10:45
Session 1: The US Data Privacy and Security legislative landscape: What has changed in the last 5 years? What’s next?

Despite some much-anticipated progress towards advancing the ADPPA in 2022, Congress’s efforts to pass a comprehensive bipartisan privacy bill are still stalling (*at time of writing), while states continue to take the lead by introducing and passing various comprehensive or sectoral privacy laws. The FTC, in the meantime, continues to deliberate over what is next beyond its ANPR on commercial surveillance and data security.

 

Following the keynote session, and serving as an introduction to the rest of the day’s discussions, this panel will dive deeper into an analysis of the current state of data protection regulatory initiatives in the US and debate what this landscape means for individuals, tech, and non-tech businesses, including SMBs. It will explore the convergence and divergence of state laws enacted or introduced recently with one another (including narrower state laws governing specific forms or uses of data) as well as what is being considered at Congress and FTC levels. In this context, the panel will highlight the need for organizations to develop comprehensive data frameworks that consider data privacy and security concepts as well as human and technical elements to ensure better compliance with existing and possible future rules, increase individual trust, and reduce the risk of data breaches. This discussion will explore best practices and touch upon the interlink between cybersecurity and data privacy and the need to balance compliance, risk management, and effective business operations.

 

As this event reaches its 5th edition, it will be an opportunity to discuss what has changed in the past 5 years in the realm of Data Privacy in the US, and what more needs to be done considering broader tech regulatory developments that have occurred worldwide.

 

  • What are the key similarities and differences between recently enacted and introduced state privacy laws, and how do they compare with obligations included in the ADPPA framework?
  • What are some of the best practices for building data privacy programs that comply with different (and sometimes overlapping) privacy requirements while allowing for new rules in the future, including laws governing specific and narrower forms or uses of data? How can businesses ensure that their privacy programs are forward-thinking and agile enough to address future privacy laws, the constant emergence of new technologies and the continuously evolving threat landscape?
  • How can businesses embed the principles of collection limitation, data minimization, purpose specification, and privacy-by-design in their operations, and what role can technological innovation play?
  • To what extent should different levels of data protection based on the sensitivity and risk of each type of data exist? 

 

Keynote Speeches
Keynote Speeches image
Cathy McMorris Rodgers
Chair of the House Energy and Commerce Committee, US House of Representatives *via pre-recorded video message
Keynote Speeches image
Cameron F. Kerry
Distinguished visiting fellow, Center for Technology Innovation, Brookings Institution
Panel
Panel image
Alan Butler
Executive Director and President, EPIC
Panel image
Jordan Crenshaw
Senior Vice President, C_TEC, U.S. Chamber of Commerce
Panel image
Stu Ingis
Chairman and co-chair of the eCommerce, Privacy, and Cybersecurity Group, Venable
Panel image
Divya Sridhar, Ph.D.
Director of Privacy Initiatives, BBB National Programs
Panel image
Sreedhar Rao
Lead Volunteer, Digital Privacy Initiative, IEEE
Panel image
Cameron F. Kerry
Distinguished visiting fellow, Center for Technology Innovation, Brookings Institution
10:45 - 11:00
Fireside Chat
Fireside Chat image
Loyaan A. Egal
Chief of the Enforcement Bureau and leader of the Privacy and Data Protection Task Force, Federal Communications Commission
Fireside Chat image
Brandon J. Pugh, Esq.
Director, Cybersecurity and Emerging Threats, R Street Institute
11:00 - 11:30
Coffee Break
11:30 - 12:45
Session 2: Encouraging the interoperability of data governance systems globally to enable cross-border data flows

As the US Data Privacy landscape evolves, so does the global outlook. With several countries and regions implementing different data protection and privacy frameworks, there is a risk that contrasting data governance regimes further complicate the free flow of data globally, which is crucial to the functioning of the global digital economy and trade. The adequacy decision for the EU-U.S. Data Privacy Framework has been adopted by the European Commission, following President Biden’s signature of the Executive Order on ‘Enhancing Safeguards for United States Signals Intelligence’; the CBPR Forum is welcoming participation from interested jurisdictions worldwide following the release of the Global CBPR Framework and its Terms of Reference; the OECD member countries have signed a Declaration on Government Access to Personal Data Held by Private Sector Entities aimed at facilitating government access to personal data held by businesses for law enforcement purposes; and the G7 Digital Ministers recently reaffirmed their support for the Data Free Flow with Trust system. Taking all these initiatives into account, this panel will discuss how efficient these are, how multilateral cooperation to boost the free flow of data can be further promoted, and if a trusted, interoperable global governance system that enables cross-border data flows can genuinely be achieved so that citizens and businesses across the world can fully participate in the digital economy and harness socio-economic opportunities.

 

  • To what extent do the safeguards and redress mechanism provisions included in the new EU-US Data Privacy Framework appropriately address the issues raised by the CJEU, and will the new framework withstand another challenge in the courts? What is being done to ensure the EU offers reciprocal legal remedies to American citizens?
  • To what extent can the Global CBPR Framework be considered a solid alternative to the GDPR as a global benchmark for privacy standards worldwide? 
  • To what extent can the work undertaken by the Global CBPR and the OECD’s declaration on trusted government access to data inform the next steps for the DFFT initiative? 
  • How can interoperability, rather than strict equivalence, be further encouraged between national and regional data governance systems to improve trust between trading partners?
  • What support is given to global businesses that must comply with multiple data privacy laws around the globe, especially given the current economic context?

 

Session 2: Encouraging the interoperability of data governance systems globally to enable cross-border data flows image
Alex Greenstein
Director, Privacy Shield, U.S. Department of Commerce
Session 2: Encouraging the interoperability of data governance systems globally to enable cross-border data flows image
Gabriela Zanfir-Fortuna
Vice President for Global Privacy, Future of Privacy Forum
Session 2: Encouraging the interoperability of data governance systems globally to enable cross-border data flows image
Paula Bruening
Founder and Principal Casentino Strategies LLC and Privacy Fellow, Innovators Network Foundation
Session 2: Encouraging the interoperability of data governance systems globally to enable cross-border data flows image
Zaid A. Zaid
Director, Head of U.S. Public Policy, Cloudflare
Session 2: Encouraging the interoperability of data governance systems globally to enable cross-border data flows image
Morgane Donse
Deputy Director International Data Flows, UK Government
Session 2: Encouraging the interoperability of data governance systems globally to enable cross-border data flows image
Cobun Zweifel-Keegan
Managing Director, Washington, D.C, International Association of Privacy Professionals
12:45 - 14:00
Lunch
14:00 - 14:15
Speech
Speech image
Mason C. Clutter
Chief Privacy Officer, U.S. Department of Homeland Security
14:15 - 15:30
Session 3: Reaching effective data privacy protection to build trust and confidence in AI

As AI systems become more ubiquitous in our lives, it is crucial that the personal and sensitive data collected to train algorithms isn’t used in the wrong context and that organizations understand the risks associated with using the technology, so that they take the necessary steps to protect consumers’ privacy. While the current headlines primarily focus on the risks linked to generative AI, it is essential to remember that the socio-economic benefits of data-enabled technologies such as AI are manifold, providing organizations with valuable insights to improve products, services, research and address socio-economic challenges. It is, therefore, essential that data-related regulations do not impede the endless opportunities it can deliver but encourage the deployment of AI technologies in ethical ways, protect privacy, eliminate bias and promote fairness and equity in line with core U.S. values.

 

This session will focus on the power of personal data in delivering data-enabled intelligent technologies for the interest of society as a whole and the challenges involved by discussing the complex interplay between data, AI, privacy, and the protection of civil rights against possible harmful automated decision-making. It will explore the potential of PETs to drive positive change while protecting privacy during the collection, processing, analysis, and sharing of data and to ultimately build trust with the public to empower them to participate in a data economy that benefits society equitably. Speakers will discuss the latest initiatives and regulatory work undertaken in these areas, such as the AI Bill of Rights released by the White House in October 2022; NIST’s Artificial Intelligence Risk Management Framework, the OSTP’s National Strategy to Advance Privacy-Preserving Data Sharing and Analytics; NTIA’s recent AI Accountability Request for Comment; the FTC’s guidance on algorithmic bias; and ask how technical, legal, and policy experts can collaborate to shape a US strategy and policies on data and AI that balance the tension between the protection of individuals against harmful effects and the promotion of positive innovation,

 

  • As AI systems rely on the availability and accessibility to large amounts of data – sometimes personal and highly sensitive data – how can it be ensured that enough data, representative of all groups of society, is available to accurately train AI systems while simultaneously preserving data privacy and avoid bias, discriminatory or unfair outcomes? 
  • What role can PETs play, and to what extent can they help uphold commitments to equity, transparency, and accountability? What needs to be done to accelerate their uptake? What could a future data ecosystem that effectively incorporates PETs look like?
  • How can principles such as fairness, transparency, accountability, equity and explainability (all included in the White House AI Bill of Rights) truly be operationalized for commercial and government use? 
  • Does the lack of a comprehensive federal privacy law undermine the possible advancement of responsible artificial intelligence-based technologies? To what extent do the discussions around AI regulation differentiate non-personal data from personal data and non-sensitive data from sensitive data?
  • What can be done to build confidence and empower citizens to access, manage and share their data with private and public organisations to bring unprecedented benefits to broader society?

 

Session 3: Reaching effective data privacy protection to build trust and confidence in AI image
Elham Tabassi
Associate Director for Emerging Technologies, Information Technology Laboratory, NIST
Session 3: Reaching effective data privacy protection to build trust and confidence in AI image
Sarah Myers West
Managing Director, AI Now Institute
Session 3: Reaching effective data privacy protection to build trust and confidence in AI image
Ben Brook
CEO and Co-founder, Transcend
Session 3: Reaching effective data privacy protection to build trust and confidence in AI image
Dan Caprio
Co-Founder, The Providence Group
Session 3: Reaching effective data privacy protection to build trust and confidence in AI image
Evangelos Razis
Senior Manager for Public Policy, Workday
15:30 - 15:45
Coffee Break
15:45 - 16:00
Keynote Speech
Keynote Speech image
Senator Marsha Blackburn
Ranking Member of the Subcommittee on Consumer Protection, Product Safety, and Data Security, US Senate
16:00 - 16:45
Session 4: A Focus on Protecting Children’s Privacy and Online Safety

Children’s data privacy has moved to the forefront of the legislative and regulatory agenda. President Biden has repeated calls for broader data privacy protection and stricter limits on companies collecting personal data, with a total prohibition on targeted advertising to children; the FTC’s enforcement efforts on children’s privacy through COPPA have intensified, and the agency has questioned whether commercial surveillance practices harm minors in its ANPR; several bills have been introduced in Congress to improve children privacy and online safety standards (including the recently-reintroduced KOSA), and States have taken action to create comprehensive children’s privacy and social media safety laws, prompted by the California Age-Appropriate Design Act.

 

 

As momentum around minor’s privacy is building, and with children’s privacy and safety intrinsically interlinked, this panel will explore the current state of children’s online protections in the US as well as the challenges faced by parents, educators, the tech industry, and policymakers to protect young people when considering both the direct and indirect risks of data collection, Generative AI, algorithmic amplification, and dark patterns. Panelists will examine how technology can be both a tool for protection and risk to privacy with a focus on age-verification tools and the privacy implications linked to this solution and will analyze how best practices such as parental control tools, privacy education for children and parents, and responsible data collection be optimized.

 

  • To what extent do the various bills introduced at State and Federal levels adequately protect young people’s privacy and shield them from online harms? Will real change come from children-specific data privacy laws or a broader comprehensive federal law similar to ADPPA?
  • With new rules, such as the California Age-Appropriate Design Code, requiring platforms to assess possible harm to children before rolling new products out and to expand their default privacy settings, how can businesses embed the privacy-by-design and privacy-by-default principles into the designs of their latest products and solutions, especially if they don’t think of themselves as doing business with children? Shouldn’t these rules apply to all users, regardless of their age? 
  • What are the benefits and drawbacks of age verification solutions and encryption?
  • What does current enforcement look like for the protection of children’s privacy, and what can be expected in the future from the FTC to regulate further the collection, use, sharing, and retention of children’s data and the security requirements linked to this, as new technologies such as the metaverse and natural language processing tool driven by AI technology emerge?

 

Session 4: A Focus on Protecting Children’s Privacy and Online Safety image
Andrew Hasty
Attorney, Division of Privacy and Identity Protection, Bureau of Consumer Protection, FTC
Session 4: A Focus on Protecting Children’s Privacy and Online Safety image
Travis Hall
Acting Deputy Associate Administrator, Office of Policy Analysis and Development (OPAD), NTIA, U.S. Department of Commerce
Session 4: A Focus on Protecting Children’s Privacy and Online Safety image
Denise Tayloe
CEO & Co-Founder, Privo
Session 4: A Focus on Protecting Children’s Privacy and Online Safety image
Jared Solomon
Delegate, State of Maryland
Session 4: A Focus on Protecting Children’s Privacy and Online Safety image
Jason Kelley
Activism Director, Electronic Frontier Foundation
Session 4: A Focus on Protecting Children’s Privacy and Online Safety image
Ashley Johnson
Senior Policy Analyst Information Technology and Innovation Foundation
16:45 - 17:30
Session 5: A Focus on Data Privacy in Healthcare

Using personal data in healthcare can bring numerous benefits, including improved patient outcomes, enhanced medical research for treatments and cures, and better public health. With the increasing amount of patient information being generated, collected and shared, and with several tech companies attempting to enter the healthcare market, the benefits of using personal data for improved healthcare outcomes must be balanced with the need to protect patient privacy and ensure that data is used ethically and responsibly. With HIPAA being nearly three decades old, the law does not cover health data collected by health apps, web searches, wearables and other technologies that have boomed in recent years, creating a gap in patient protections. This session will discuss how the privacy of patients can be improved while enabling healthcare providers and the tech industry to deliver the promise of data-enhanced healthcare. It will explore the scope, benefits, and limits of HIPAA and the extent to which new safeguards are needed for Americans’ health data. It will examine how healthcare providers, patient groups, the tech industry, researchers and policymakers can work together to mitigate the risks linked to using sensitive medical data and artificial intelligence tools.

 

  • What are the potential consequences of data breaches and cyber attacks on healthcare systems, and how can healthcare providers, the tech industry and policymakers mitigate these risks?
  • In the absence of a comprehensive federal privacy law, how can health data falling outside the scope of HIPAA be protected? To what extent does HIPAA need to be updated to account for the evolution of emerging technologies and data management tools, or are brand new rules covering the privacy protections of health data required? What is being done at the state level?
  • How can patients’ trust in using their medical data be enhanced? What are the latest trends and innovations in data privacy in healthcare, and how can these be leveraged to improve patient outcomes? What role is there for PETs and Artificial Intelligence?

 

Session 5: A Focus on Data Privacy in Healthcare image
Melanie Fontes Rainer
Director of the Office for Civil Rights, U.S. Department of Health and Human Services
Session 5: A Focus on Data Privacy in Healthcare image
Katy Ruckle
Chief Privacy Officer, Washington State
Session 5: A Focus on Data Privacy in Healthcare image
Elisa Jillson
Attorney, Division of Privacy and Identity Protection, Bureau of Consumer Protection, FTC
Session 5: A Focus on Data Privacy in Healthcare image
Morgan Reed
President, ACT | The App Association
Session 5: A Focus on Data Privacy in Healthcare image
Thomas George
Practice Lead, Data Science, Vidoori
Session 5: A Focus on Data Privacy in Healthcare image
William Sweeney
Founder and Managing Partner, Zaviant
Select date to see events.

Sponsorship opportunities

To discuss sponsorship and visibility opportunities at the 2023 Data Privacy Conference USA, please contact Anne-Lise Simon on [email protected] / +44 (0) 2920 783 023

checked

Exclusive speaking positions | Your organization can contribute to the discussion.

checked

Engaging and Interactive format | Engage in a fully immersive and interactive debate with decision makers, businesses and policymakers.

checked

US and global outreach | Convey your message to a broad and international audience.

checked

Networking opportunities | Connect with your fellow attendees during coffee and lunch breaks throughout the event.

checked

Visibility Opportunities | Ensure maximum visibility through branding in the room, on the event website and marketing activities.

checked

Exhibition and demos area | Showcase your products and solutions or share a position paper with the audience.

Past Sponsors & Partners Include...

ACT The App Association
AT&T
acxiom
Active Navigation
BSA
FACEBOOK
IEEE
Internet association
ITI-logo_vertical
kinesso
liveramp
NortonLifeLock
OneTrust
palantir
SIIA
US Chamber of commerce
Workday
Providence Group
ACT The App Association
AT&T
acxiom
Active Navigation
BSA
FACEBOOK
IEEE
Internet association
ITI-logo_vertical
OneTrust
palantir
SIIA
US Chamber of commerce
Workday
Providence Group

Sponsors & Partners

ACT The App Association
AT&T
BBB logo for website
Cloudflare for WS
IEEE For website
Untitled design (30)
Untitled design (25)
NEW c_tec logo for w_s
Venable for WS
Vidoori
Workday
Zaviant for WS
Providence Group

Social Media

Let your network know you’re attending this year’s conference by sharing the below graphic on social media. Don’t forget to use the event hashtag #DataUSA22

Practical Information

Venue:

National Press Club
529 14th St NW
Washington, D.C. 20045
United States

Contact:

For more information on any aspect of this event, please contact Anne-Lise Simon using any of the details below.

Anne-Lise Simon
Director | Head of Event Planning & Coordination
Forum Global
[email protected]
Tel: +44 (0) 2920 783 023

#DataUSA23

Receive our event updates:

Sign up to receive updates on our upcoming policy events. We will only send you emails about the conferences and topics that interest you, and you can unsubscribe at any time.