Ref. Ares(2021)6133247 - 08/10/2021
COMPUTERS, PRIVACY AND DATA PROTECTION - CPDP 2015
DATA PROTECTION ON THE MOVE
21 JANUARY - 23 JANUARY 2015 , LES HALLES DE SCHAERBEEK, BRUSSELS BELGIUM
Draft 29.09.2014
Updated 26.10.2014
Preliminary Programme - Disclaimer Please note that this preliminary version of the
program is in a very early stage and that some panels will change or be rescheduled.
Please do not circulate further
Day 1 - WEDNESDAY 21ND JANUARY 2014
08.15 - Welcome coffee in
Le Village
Grande Halle
08.30 - INTRODUCTION TO THE FIRST DAY BY PAUL DE HERT
08.45 – TO BE OR NOT TO BE (ANONYMOUS)? ANONYMITY IN THE AGE
OF BIG AND OPEN DATA organized by INRIA
Academic:** Policy:** Business:**
Anonymisation is seen an essential prerequisite for the development of big data and
open data because it is the only way to allow the disclosure of large datasets while pre-
serving individual’s privacy. However, what do we mean exactly by anonymisation and
what could be considered as a truly anonymous dataset? Is it possible to ensure that any
de-identified data cannot be re-identified one day? If not, where to draw the line be-
tween anonymous and personal data? These questions are under considerable debate
and the answers are of strategic importance. Being able to address these issues in an
interdisciplinary way is essential and this panel will gather computer scientists, statisti-
cians and lawyers to contrast and discuss their views on anonymisation. The panel will
also provide the opportunity to present and discuss the Opinion 05/2014 of the Working
Party 29 on anonymisation techniques.
What is anonymous data?
How to anonymise data in practice?
What are the limitations of anonymisation?
How can regulation go beyond the duality personal data / anonymous data?
Chair: Daniel Le Métayer, INRIA (FR)
1 /
33
Moderator: Benjamin Nguyen, INSA Centre Val de Loire (FR)
Panelists:
*Josep Domingo-Ferrer, Universitat Rovira i Virgili (SP)
*Mark Elliot, University of Manchester (UK)
*Antoinette Rouvroy, University of Namur (BE)
*Vincent Toubiana, CNIL (FR)
10.00 Coffee break
10.30 – THE EU-US INTERFACE: IS IT POSSIBLE? organized by ISP at Yale Law
Academic ** Policy * Business ***
The EU and the United States have vastly different approaches to data privacy and data
security. In light of EU attempts at data protection reform and ongoing negotiations of
the Transatlantic Trade and Investment Partnership (TTIP), this panel will discuss
whether it is possible to build a working cross-border interface between EU and US data
protection regimes.
This panel will explore differences and identify commonalities between the EU and US
approaches, with an eye to both the protection of civil liberties and to practical ques-
tions faced by organizations seeking to fulfil compliance obligations. It will discuss to
what extent data protection should be housed in governments versus delegated to pri-
vate industry. It will ask whether the TTIP is an appropriate venue for discussing in-
creased harmonization between the regulatory regimes.
Can we identify commonalities between the EU and US approaches to data regula-
tion?
Are commonalities substantive, or procedural?
Can the development of compliance activities be successfully delegated to private
industry?
Is the TTIP an appropriate venue for discussing increased harmonization between the
US and EU?
Chair: Margot Kaminski, Ohio State University (US) / David Thaw, University of
Pittsburgh (US)
Moderator: tbc
Panelists: * Pierluigi Perri, University of Milan (IT)
* Joel Reidenberg, Fordham University Law School (US)
* David Thaw, University of Pittsburgh (US)
* Joris van Hoboken, University of Amsterdam (NL)
* Eduardo Ustaran, Hogan Lovells (UK)
2 /
33
11:45 - CROSS-BORDER DATA FLOW: WHERE DO WE STAND? organized by
CPDP
Policy ******
Following from the technical panel at 10.30, this panel will take a broader perspective
and consider the political context of data protection reform. With speakers representing
the major EU institutions, the panel will shed light on the actors, constellations, and
obstructions defining the current state of data protection reform.
• · Who are the actors pushing/obstructing the reform process?
• · What are their positions?
• · Which are the key debates regarding the reform?
· What is the outlook?
Chair: tbc
Moderator: tbc
Panelists:
Ruth Boardman, Bird & Bird (UK) (tbc)
Colin Benett, University of Victoria (CA)
Bruno Gencarelli, European Commission (EU)
13.00 lunch break
14:00 – PRIVACY PLATFORM – Topic tbc organised by Sophie in 't Veld, Member
of the European Parliament (NL) tbc Policy ******
Chair: Sophie in ‘t Veld, Member of the European Parliament (NL) tbc
Moderator: tbc
Panelists: tbc
15.15 coffee break
15.30 – USERS’ CONTROL OVER THEIR DATA: IS PRIOR CONSENT
THE BEST WAY TO MONITOR organized by CPDP Academic ** Policy ** Business **
Chair: Paraskevi MICHOU, DG Justice, (EU) (tbc)
3 /
33
Moderator: Gilles BABINET (tbc)
Panelists: * Wojciech Rafał Wiewiorówski, GIODO (PL) (tbc)
* Julie Brill, Federal Trade Commision (US) (tbc)
* Bruno Gencarelli, DG Justice (EU) OR Augustin REYNA, BEUC (EU) (tbc)
* Marie-Charlotte Roques-Bonnet, Microsoft (BE)
16.45 –– LGBTQI COMMUNITIES AND DIGITAL RIGHTS organized by the
Council of Europe
Academic ** Policy ** Business **
Digital rights & freedom online of LGBTQI community is a complex issue that has so
far received very limited public, institutional and academic attention. This panel aims at
initiating the debate by specifically focusing on the right to privacy and freedom from
surveillance online of LGBTQI communities. Laws or actions that unlawfully inhibit
free expression of LGBTQI communities in the digital communications will be ex-
plored. In an LGBTQI context, the right to privacy online becomes a particularly sensi-
tive issue, as for many individuals the right to privacy may also be an important aspect
of protecting their physical safety. The panel aims at discussing how privacy should
enable the right to free speech online (e.g., ban on ‘propaganda of non-traditional sexual
relations to minors’) as well as the impact of government surveillance which historically
has been used to out, blackmail, humiliate, and bully LBGTQI people. The panel aims
at critically discussing the technological capacities today to track individual browsing
habits (e.g. porn websites) and ability to use this information to discredit , e.g., ‘political
opponents’ or ‘radicalizers’.
LGBTQI communities and privacy online: complex ethical considerations and social
practices (e.g., ‘outing’ by social networking sites, fear of bullying or reprisals)
LGBTQI content and Internet censorship, ‘propaganda’ laws and bans
LGBTQI and the right to information online
LGBTQI communities and government surveillance – history and present (NSA
tracking of porn habits for discrediting)
Chair: Sophie Kwasny, Council of Europe (INT)
Moderator: Monika Zalnieriute, European University Institute (IT)
Panel:
* Lara Ballard, US Department of State (US) (tbc)
* Ben Wagner, European University Viadrina (DE)
* Katarzyna Szymielewicz, Panoptykon Foundation (PL)
* Representative from Facebook
18.00 Cocktail
4 /
33
20.00 – UGO PALLO ROBOTICS
Petite Halle
8.45 – CRISP: PbD Issues of Wearable Devices Academic ** Policy ** Business **
Chair: tbc
Moderator: tbc
Panelists : tbc
10.00 coffee break
10:30 – QUANTIFIED SELF AND HEALTH APPSorganised by CPDP (TBC)
Academic ** Policy ** Business **
Chair: tbc
Moderator: tbc
Panelists : tbc
11.45 – SECONDARY USE OF HEALTH DATA IN RESEARCH organised by
FEDERA/COREON
Academic ** Policy ** Business **
Chair: tbc
Moderator: tbc
Possible Panelists: tbc
13.15 lunch break
14.00 – SECONDARY USE OF HEALTH DATA IN RESEARCH organised by
FEDERA/COREON
Academic ** Policy ** Business **
Chair: tbc
Moderator: tbc
5 /
33
Possible Panelists: tbc
Academic ** Policy ** Business **
Chair: tbc
Moderator: tbc
Panelists:
15.15 coffee break
15.30 – OPPORTUNITIES AND RISKS OF BIG DATA IN DISEASE
SURVEILLANCE organised by the Robert Koch Institute Academic **** Policy **
As a sector often embedded within the structures of government, public health has be-
come a hybrid sector of biomedical and health promotion interest that must also meet
government imperatives. There is potential for conflict between these different impera-
tives, especially given the increasing technical innovation with approaches and methods
of data analytics and data mining that are more and more implemented in public health.
For example, digital epidemiology aims to capture, record and analyze Internet-based
data and social media data in order to enhance public health surveillance, offering im-
proved detection of infectious diseases in the population to enhance disease prevention
efforts or to minimize reaction times to perceived public health threats. Subsequently,
the panel aims to discuss three major questions:
Is there evidence of epistemic change from a traditionally causal investigation with
mostly biostatistical approaches to an innovative method of network visualization and
exploratory inquiry?
In as far as these new approaches encompass aspects of privacy, human rights and
social discrimination, is it possible to minimize or rather prevent such infringements?
How should we assess digital epidemiology, particularly given an increasing health-
security nexus?
Chair: Tim Eckmanns, Robert Koch Institute (DE)
Moderator: Leon Hempel, TU Berlin (DE)
Panelists
* Edward Velasco, Robert Koch Institute (DE)
* Klaus Scheuermann, (DE)
* Martin French, Concordia University (US) tbc
6 /
33
16.45 – PRIVACY OF THE GENOME: CHALLENGES BEYOND
TRADITIONAL MEDICAL RECORDS organised by TU Darmstadt
Academic ** Policy *** Business *
Impressive advances in genome sequencing have opened the way to a variety of revolu-
tionary applications in modern healthcare. In particular, the increasing understanding of
the human genome, and of its relation to diseases and its response to treatments brings
promise of improvements in preventive and personalized healthcare, as well as in public
health. However, because of the genome's highly sensitive nature, this progress raises
important privacy and ethical concerns that need to be addressed. Indeed, besides carry-
ing information about a person's genetic condition and his predisposition to specific
diseases, the genome also contains information about the individual's relatives. The
leakage of such information can open the door to a variety of abuses and threats not yet
fully understood. The panel aims to:
Raise awareness in the realm of policy setting for the trade-offs between research and
medical care benefits and privacy
Discuss and introduce potential technical solutions in 'secure bioinformatics'
Encourage businesses and legal practitioners to contribute their expertise
Chair: Kay Hamacher, TU Darmstadt (DE)
Moderator: Jean-Pierre Hubaux, Swiss Federal Institute of Technology in Lausanne
(EPFL) (CH)
Panelists
* Emiliano De Cristofaro, University College London (UK)
* Stefan Katzenbeisser, TU Darmstadt (DE)
* Indra Spiecker genannt Döhmann, University of Frankfurt (DE) tbc
* Jacques Fellay, Swiss Federal Institute of Technology in Lausanne (EPFL) (CH)
La Cave
08.45 – COMBINING PRIVACY IN THE WORKPLACE WITH
INFORMATION SECURITY MEASURES organized by the Interdisciplinary Cen-
tre for Law and ICT (ICRI) KU Leuven
The workplace is typically a place where privacy and data protection are challenged by
competing interests. The panel will highlight the exercise of balancing the employer’s
security-related interests with the reasonable privacy expectations of employees. As the
value of information exchange increases, humans are considered as the weakest link in
the company’s security chain while companies are required to take security measures in
order to protect their information assets. Company information is stored on, or made
available via, the company’s databases and networks. This information is accessible by
using mobile devices whether or not furnished by the employer, from multiple places
inside or outside of company premises. For this reason, the implementation of security
7 /
33
measures requires a careful balancing of all legitimate interests at stake. The debate in
the panel will highlight the perspectives of academics, politicians and businesses on the
current situation of data protection in the workplace as well as on the future needs (in
relation to the impact of the proposed General Data Protection Regulation).
Where issues and imbalances between information security and data protection have
been encountered
The impact of the proposed GDPR on employee protection
How can different perspectives contribute to better information security management
in a company-culture of privacy – how can security tools be designed in a privacy-
friendly way?
Chair: Yung Shin Marleen van der Sype, KU Leuven (BE)
Moderator: tbc
Panelists:
* Nigel Moss, Coca-Cola (UK)
* Walid Maalej, University of Hamburg (DE)
* Frank Hendrickx, KU Leuven (BE)
* Anna Esparcia, S2 (SP) tbc
10.
00 coffee break
10.30 – CRYPTO WAS RELOADED? SECURITY TECHNOLOGIES AND
GOVERNMENT ACCESS TO DATA organized by CPDP
Academic *** Policy ** Business *
Chair: tbc
Moderator: Seda Gürses, NYU (US)
Speaker 1: Comp sci academic
Speaker 2: Law enforcement representative
Speaker 3: Activist/lawyer
Speaker 4: Representative of Apple or Qnective
11.45 – OBSCURING TECHNOLOGIES organised by CPDP
Academic ** Policy ** Business **
Chair: tbc
Moderator: tbc
Panel: tbc
8 /
33
13.00 lunch break
14.00 – Data Protection in Latin America – organized by CPDP
Academic ** Policy ** Business **
Analysis of data protection developments in Latin America. Reforms to telecommunica-
tions law, and the impact of such reforms on privacy and data protection standards.
Chair: Artemi Rallo Lombarte, University Jaume I (ES)
Moderator: tbc
Panelists:
*Pablo Palazzi, Universidad de San Andrés (AR)
15.15 coffee break
15.30 – DATA PROTECTION AND ENVIRONMENTAL LAW organised by the
University of Galway tbc
Academic ** Policy ** Business **
Chair: tbc
Moderator: Rónán Kennedy
Panelists: Professor Burkhard Schafer, School of Law, University of Edinburgh
Mr Andrew Jackson, An Taisce
Dr Michael Lang, School of Business, National University of Ireland Galway
Ms Martina Hennessy, Environmental Protection Agency, Ireland
16.45 – PRIVACY BY ANALOGY: LESSONS FROM COPYRIGHT LAW,
ENVIRONMENTAL LAW, CONSUMER PROTECTION LAW AND
COMPLIANCE WITH FINANCIAL REGULATIONS organized by the Institute
for Information Law (IViR), University of Amsterdam (NL)
Academic ** Policy ****
Despite being heralded as one of the most progressive legal regimes worldwide, EU
data protection regulation is criticized for its effectiveness. The scale of online personal
data processing is widely perceived as a disruptive challenge that would require an evo-
lution in the tactics and means of data protection regulation. The draft General Data
Protection Regulation aims to modernize the approach by introducing measures that
9 /
33
would strengthen individuals’ rights and reinforce compliance by data controller
through enhanced accountability.
Considering that the Regulation is a means of achieving policy objectives a comparative
perspective can offer additional insights and facilitate policy learning. This panel com-
pares issues in data protection regulation with analogous developments in the fields of
copyright law, environmental law, consumer protection law and financial regulations,
which all display important similarities with certain challenges at hand, such as ac-
countability, consumer empowerment, enforcement and governance.
How does the Regulation address the challenges faced by data protection law?
In which other areas of law have analogous issues been encountered?
How were these issues dealt with and what can this teach us about data protection?
Chair: Kristina Irion, IViR (NL)
Moderator: tbc
Panelists * Egbert Dommering, IViR (NL)
* Dennis Hirsch, Capital University Law School (US)
* Anna Fielder, Privacy International (UK)
* Christopher Kuner, VUB (BE)
18.00 cocktail
Maison des Arts
08.45 – BEYOND THE HYPE? SO WHAT! THE RISE AND MOBILISATION
OF SMART CCTV organised by TU Berlin
Academic *** Policy ***
The reliability and reach of digital technology has increased and changed the nature of
surveillance. While there are applications that focus on unspecified crowds, the purpose
of others is to zoom in on individual behavior and the individual. The advances in imag-
ing algorithms facilitate the automated operation of schemes, to release CCTV operators
from monitoring video footage permanently. However, it seems that promises are over-
stated and algorithms fail consistently. However, although one seems to be beyond the
hype in technology terms, development continues. The web is constantly expanding by
the increasing use of mobile devices with integrated high definition cameras. Google
glass promises situational awareness for the dweller to cope with urban complexities.
Drones shall be integrated data sources with other sensors connected, and the imple-
mentation of all facilitated by privacy by design. The panel aims to discuss:
The state of the art of visual surveillance
The implications of automation for surveillance work
The dilemmas and conflicts such as the increasing digital vulnerability of the net-
works
10 /
33
What privacy by design applications such as contextual privacy filters actually imply
for privacy.
Chair: tbc
Moderator: tbc
Panelists
* Daniel Neyland, Goldsmiths, University of London (UK)
* Leon Hempel, TU Berlin (DE)
10.00 coffee break
10.30 – I SPY WITH MY FLY: WHEN VIDEO SURVEILLANCE GOES
MOBILE organised by the PARIS Project
Academic ** Policy ** Business **
Not only are video surveillance systems becoming smarter (facial recognition, tracking
software) and wide range (infra-red, high sensitivity equipment etc.). Video surveillance
is now becoming thanks to the miniaturization increases the invisibility of surveillance
and thus its opacity; the mobility of surveillance jeopardizes the few transparency
mechanisms imposed by the legal framework such as information notices; the intrusive-
ness is potentially far greater as these devices have the capacity to collect widespread
information. This panel will examine the privacy implications of wearable police cam-
eras from different perspectives: socio-contextual (citizens’ perception), legal and tech-
nical. It will also explore the argument advanced for their legitimization: the need to
increase the accountability of police forces
What is the impact of the miniaturization of surveillance devices on citizens?
How to improve the transparency of mobile surveillance?
Can privacy by design offer some guarantees to citizens?
Is the need to increase the accountability of police forces best achieved though wear-
able cameras?
Chair: Fanny Coudert, Interdisciplinary Centre for Law and ICT, KU Leuven (BE)
Moderator: Jos Dumortier, Time.lex (BE)
Panelists
* Representative from the ACLU (US)
* Representative from the Belgian Privacy Commission (BE)
* Matthias Bousset, Thales (FR)
* Daniel Le Métayer, INRIA (FR)
11 /
33
11:45 –MONITORING THE NET FOR VIOLENT EXTREMIST MATERIAL
organised by the VOXPOL Project
Academic ** Policy ** Business **
The objective of this panel is to discuss the ethics and politics of the day-to-day moni-
toring of the Net for violent extremist material – including material inciting racial hatred
from extreme right wing groups (including fascist political movements in Europe), and
material “glorifying” and recruiting individuals to terrorism. It will discuss the monitor-
ing activities of police, intelligence agencies, the Internet industry, and private groups
and individuals – including the use of information fusion and information technology
analysis techniques to acquire, integrate, process, analyse, and manage the diversity of
content available. These issues have important long-term academic and policy implica-
tions, but also contemporary resonance given the role extremist content is playing in
some EU member states, and current conflicts in Syria, Iraq and Gaza.
Chair: Prof. Ian Brown, Oxford Internet Institute (UK)
Moderator: Dr. Maura Conway, University College Dublin (IE)
Panelists:
*Dr. TJ McIntyre, Trinity College Dublin (IE)
*Dr. Rozemarijn van der Hilst, PRIO (NO)
*Sinéad McSweeney, Director Public Policy Europe, Twitter (IE)
*Peter De Beijer, Dutch police (NL)
13.00 lunch break
14.00 – BENTHAM GOES TO SCHOOL: SURVEILLANCE AND STUDENT
PRIVACY IN THE CLASSROOM organised by CPDP
Academic ** Policy *** Business *
The arrival of new technologies in schools and classrooms has been met with a mixture
of enthusiasm and anxiety. Governments around the world are actively deploying inno-
vative technologies, ranging from cloud based data storage systems to adaptive person-
alized learning platforms to CCTV cameras in classrooms and playgrounds. These new
systems and tools present tremendous opportunities, allowing schools to enhance safety,
increase measurement and accountability and tailor programs to individual students. At
the same time, the combination of enhanced data collection with highly sensitive infor-
mation about children and teens presents grave privacy concerns. The panelists will
discuss the roll out of ed tech platforms in three countries, a CCTV system in Isra-
el, and a national student database in Turkey and a cloud based interoperability solution
in the U.S. They will address some of the legal, ethical and political implications of the
ed tech privacy debate. The panel will, in particular, cover the following topics:
12 /
33
The deployment of education techology solutions in three countries: Israel, Turkey
and the U.S
The legal, ethical and political implications of introducing education technology in
schools.
Separating fact from fiction about student data use and abuse.
Chair: Joel Reidenburg, Fordham University (US) (tbc)
Moderator: Valerie Steeves, University of Ottawa (CA) tbc
Panelists
*Omer Tene, International Association of Privacy Professionals (US)
*Michael Birnhack, Tel-Aviv University (IL)
*Yucel Saygin, Sabanci University of Istanbul (TR)
*Emmeline Taylor, Australian National University (AU)
15.15 coffee break
15.30 - ACADEMIC/PHD SESSIONS
16.45 - ACADEMIC/PHD SESSIONS
Day 2 - THURSDAY 22ND JANUARY 2014
Grande Halle
8.45 – AN ACCOUNTABILITY APPROACH TO INTEROPERABILITY orga-
nized by (CPDP)
Academic ** Policy ** Business **
There is a great deal of conversation about interoperability, but what is the perspective
of the privacy office? Privacy offices within organizations have the mandate for priva-
cy management, but how can they be empowered to interoperate with compliance re-
quirements around the world?
To address these questions, Nymity has embarked on another data privacy accountabil-
ity research project. This project will explore how the privacy office at a responsible
organization can use the ongoing operational documentation produced by effective pri-
vacy management to demonstrate accountability (System 1 – “Accountability System”)
and then show how the documentation can be aligned to the appropriate rules of law,
regulations, codes and policy (System 2 – “The Compliance System”). In other words,
how an accountability system can interoperate with a compliance system.
The panelists will discuss the merits of this approach and the critical success factors for
demonstrating accountability in a framework that would allow for interoperability.
Chair: Terry McQuay, Nymity (US)
13 /
33
Moderator: tbc
Panelists: *Michael Scuvée, Johnson Controls (BE)
*Ellis Perry, BP (UK)
*Christopher Docksey, EDPS (EU)
*Martin Abrams, Information Accountability Foundation (US)
10.00 coffee break
10:30 – ENGINEERING PRIVACY INTO THE INTERNET organized by the Eu-
ropean Data Protection Supervisor (EDPS)
Academic * Policy *** Business **
While privacy regulators and legislators invest considerably in defining and interpreting
legal rules for the protection of individuals' fundamental rights to personal data protec-
tion and privacy, developers of internet tools and applications often implement and de-
ploy new data collection and processing mechanisms without proper privacy and data
protection safeguards. This trend unfortunately increases risk to individuals' privacy,
despite all efforts of data protection authorities and privacy advocates. In reaction to the
Snowden revelations of 2013, many Internet engineers realised the need to implement
more robust privacy protection at all technical levels. The panel will consider:
New initiatives aimed at closing the gap between technical tools and privacy needs.
Use cases for which privacy can be implemented at the design level
The development of privacy enabling tools
Chair: tbc
Moderator: tbc
Panelists: * Florian Stahl, OWASP Top Ten Privacy Risks Project (US) tbc
* Ian Brown, Oxford University Institute (UK) tbc
* Marit Hansen, Independent Centre for Privacy Protection Schleswig-Holstein (DE)
tbc
* Achim Klabunde, EDPS (EU) tbc
* Hannes Tschofenig, ARM (AT) tbc
11.45 – ANNUAL PANEL ON DATA PROTECTION AUTHORITIES organised
by CPDP tbc
Policy *** Business ***
14 /
33
Chair: Charles Raab, University of Edinburgh (UK) tbc
Moderator: Ivan Szekely, Budapest University of Technology/Eotvos Karoly Policy
Institute (HU) tbc
13.00 lunch break
14.00 – EU DATA PROTECTION REFORM: Have we found the right balance
between fundamental rights and economic interests organised by CPDP
Policy ******
It has been three years since the commission released the data protection reform pack-
age. Despite the recognition of the need for reform, and the generally positive reaction
to the reform package, the specifics of the proposal remain hotly debated. Panel partici-
pants, representing a range of actors and perspectives will discuss the main technical
issues still facing the reform and the potential solutions which have been put forward to
remedy these.
Which aspects of the reform are still seen as problematic, and by whom?
What shape do these problems take?
What is the consequence of these problems?
Which solutions have been proposed?
Chair: Paraskevi Michou, European Commission (EU)
Moderator: tbc
Panelists: *Michał Boni, MEP (EU)
*Jan Albrecht, MEP (EU)
*Claude Moraes, MEP (EU)
*Axel Voss, MEP (EU)
15.15 coffee break
15:30 – THE RIGHT TO BE FORGOTTEN – European and International Per-
spectives organized by Chuo University and Tilburg University
Academic** Policy** Business**
Chair: Ronald Leenes, TILT (NL)
Moderator: tbc
Panelists:
15 /
33
*Marc Rotenberg, EPIC (US)
16:45 – ‘WE GIVE UP – PLEASE FIX THE INTERWEBZ’ – PRIVACY,
PREDICTABILITY AND ‘PRESCRIBED BY LAW’ AFTER THE CJEU
GOOGLE/SPAIN AND UPC TELEKABEL CASES organised by CPDP
Academic * Policy *** Business **
The panel will discuss the social and political consequences of the CJEU Google Spain
and Telekabel decisions and their implementation across Europe by internet companies.
In the former case, search engines can be obliged to amend search results that are pro-
duced on the basis of a name and are out of date, in order to comply with data protection
obligations – the initial decision on how to restrict information lies with the search en-
gine. In the latter case, internet access providers can have blocking or filtering obliga-
tions imposed on them, with the (privacy invasive?) tool to impose this restriction being
chosen in the first instance by the internet access provider. Do safeguards exist that en-
sure balanced implementation of both of these rulings? If not, how can these be creat-
ed? Speakers will come from EU institutions, industry and civil society.
Chair: Joe McNamee, EDRi (BE)
Moderator: Ben Wagner, European University Viadrina (DE)
Panelists:
* Representative from Google (US)
* Julia Powles, University of Cambridge (UK)
* Simon Davies, The Privacy Surgeon (UK)
* Gwendal LeGrand, CNIL (FR)
* Paul Nemitz, European Commission (EU)
18:00 Cocktail
Petite Halle
8.00 – CLOSED BIG DATA BREAKFAST MEETING organised by the Byte Pro-
ject & CPDP
Academic ** Policy ** Business **
Chair: Paul De Hert, VUB, (BE)
Moderator: Kush Wadhwa, TRILATERAL (UK)
10:00 coffee break
16 /
33
10.30 – PUBLIC AND PRIVATE IN COPYRIGHT VS. PRIVACY AND DATA
PROTECTION organised by CPDP
Academic ******
One of the fundamental dichotomies in law – between public and private – is being
challenged by the architecture of the digital environment, which blurs the division be-
tween public and private spaces. This panel will look into the origins and evolutions of
this dichotomy in (i) copyright and (ii) in fundamental rights protection, in particular
privacy and data protection, in order to get a critical insight into how the distinct and
common aspects can inspire the legal construction of boundaries of private spaces
online. The discussions will take place in form of dialogues between copyright scholars
and privacy and data protection scholars.
- The reasoning behind public/private dichotomy in copyright law
- Public and private in privacy and data protection law
- Are private spaces within the meaning of privacy and data protection, on one
side, and copyright protection, on other side the same?
- What shapes the boundaries between public and private online?
Chair: Irina Baraliuc, Vrije Universiteit Brussel (BE)
Moderator: Prof. Dr. Maurizio Borghi, Centre for Intellectual Property Policy & Man-
agement, Bournemouth University (UK) ?
Panelists: *Severine Dussolier, CRIDS (BE)
*Stavroula Karapapa, University of Reading (UK) (tbc)
11.45 – EXPLORATION OF THE ADEQUACY OF PRIVACY PROTECTION
LAW OF STATES WITH FEDERATIONS: COULD THE STATE OF
CALIFORNIA QUALIFY FOR ADEQUACY STATUS? organised by CPDP (tbc)
Academic **** Policy **
The panel will consider the results of a survey of the State of California Privacy laws
and mechanisms for the protection of personal data of state residents to determine if the
state’s laws, policies and enforcement authority are sufficient to qualify California for
“Adequacy Status” under the rules of Article 29 Data Protection Working Party of the
European Commission. As a state within the United States it is not possible to apply for
Adequacy status as several nations have successfully done. This is an opportunity to
consider the policies and laws of state governments that comprise Federations wherein
states under their own legal framework may establish a level of privacy protection that
is on a par with European standards. The panel will consider the potential for bilateral or
17 /
33
multilateral state agreements went data protection norms, values and laws are commen-
surate with what EU citizens require.
How would the state of California fair under the process of determining “adequacy”
for the purpose of processing data on EU citizens?
If the state of California did apply for “Adequacy” what laws, policies and enforce-
ment mechanisms are its strongest and which are its weakest?
What are the economic benefits to the State of California and the EU in the state
achieving “Adequacy” status?
What are the consequences to international relationships between he EU and federa-
tions should individual states be allowed to pursue Adequacy Status to process data
on EU citizens?
Would this be fruitful for exploration of other consumer protection legal norms and
values were existing laws, policies and practices in federated states are on a par with
other areas of EU law?
Chair: Lillie Coney, House Committees on Judiciary and Homeland Security (US)
Moderator: Monique Altheim, CIPP (US)
Panelists:
*Joanne McNabb, California Department of Justice (US)
*
*Economist
*Article 29 Working Party Representative (EU)
13.00 lunch break
14:00 COOPERATION BETWEEN DPAS: THREATS, CHALLENGES AND
OPPORTUNITIES organized by JRC
Examples of DPA cooperation based on today legal framework
Explore best practices, and challenges of DPA cooperation
Scanning the horizon for emerging problems and solutions.
Chair: Laurent Beslay, JRC – Institute for the Protection and Security of the Citizen
(EU)
Moderator: Gwendal Legrand, CNIL (FR)
Panelists: *Pan European personal data breach simulation exercise Ignacio SANCHEZ (EC DG
JRC)
*David Wright, Trilateral (UK)
*Emanuelle Bertoli, ATOS (TBC)
*Jan Philipp Albrecht, MEP (TBC)
18 /
33
15.15 coffee break
15.30 DPO ON THE GROUND: KEY CHALLENGES OF THE EU REFORM
FOR PRIVACY PROFESSIONALS organized by CEDPO
Academic * Policy *** Business **
The EU Data Protection Reform has re-introduced a debate regarding the increasingly
important role of the DPO. Mandatory or not, there is a real need for organizations to
have privacy professionals with adequate skills to embrace privacy as a business driver
and a competitive advantage or even just to guide businesses through their privacy
compliance programs in view of the numerous legal and technical duties (to be) im-
posed by the Reform, in particular, when organizations are managed on a global basis.
The EU Reform definitely creates key challenges for the current and next generations of
privacy pros. Are we prepared?
Privacy as a competitive advantage: an enhanced role for the DPO?
Why appoint a DPO when this is not imposed by law?
Data subjects rights in a global environment: the role and challenges for global
DPOs
Chair: Christopher Klug, CEDPO (DE)
Moderator: tbc
Panelists:
* Gabriela Krader, DEUTSCHE POST (DE)
* Leticia López-Lapuente, SANITAS (ES)
* Jennifer Barrett-Glasgow, Acxiom (US)
* tbc
16.45 – COMPLAINTS AND LITIGATION BY DPAS or THE ROLE OF DPAS
AND COURTS IN ENSURING EFFECTIVE DATA PROTECTION organised by
CRIDS and the European Data Protection Supervisor (EDPS)
Academic *** Policy ** Business *
Following the CJEU recent landmark rulings in
Digital Rights Ireland and in
Google
Spain, which touched directly upon the issue of how to guarantee the effective protec-
tion of personal data, this panel would provide a unique opportunity to hear the views
from supervisory authorities and from courts on how they interpret data protection law.
This panel would give the opportunity to DPAs to present their most relevant cases and
to explain how data protection law is applied in concrete cases. It would provide valua-
ble insight on how the data protection principles are interpreted by DPAs in the case of
complaints, and by the Courts in the case of litigation.
How DPAs apply data protection law in concrete cases
19 /
33
The role of DPAs in interpreting the law, from complaints to litigation
The role of the Court of Justice of the European Union in shaping law
Chair: tbc
Moderator: tbc
Panelists:
* Anna Buchta or Verónica Perez Asinari, European Data Protection Supervisor (EU)
* Representative from the Court of Justice of the Europen Union (EU)
* Representative of National DPA
* Representative of National DPA
18.00 cocktail
La Cave
08.45 - CYBERCRIME SOCIAL ENGINEERING ANALYSIS CHALLENGE
organised by the TREsPASS Project
Academic ** Policy ** Business **
Cybercrime prevalence increases rapidly all around the globe. Methods such as phish-
ing, scamming and hacking are in use in very sophisticated ways. A vast majority of
cyber-attacks includes some form of manipulation of people. This so-called social engi-
neering is becoming an art, and scientists and policy makers from diverse backgrounds
are trying to understand the mechanisms behind it. The TREsPASS project aims at inte-
grating social engineering in cyber security and privacy policy and risk management
practices. As part of the project, we hand out a social engineering challenge award. In
the challenge participants are asked to think of manipulative scenarios that could be
used to bypass existing security controls, as well as suitable countermeasures. The panel
will discuss the state of the art in social engineering research and policy, and will in-
clude the award ceremony.
What is the state of the art in cybercrime social engineering?
Which perspectives are available to understand this?
What are the possible policy responses?
Chair: Wilbert Rodenhuis, Saxion (NL)
Moderator: tbc
Panelists
* Roeland van Zeijst, National High Tech Crime Unit, (NL)
* Marianne Junger, University of Twente, (NL)
* Fola Ogunsola, Consult Hyperion, (UK)
* Winner of the TREsPASS social engineering challenge award
20 /
33
10.00 coffee break
10.30 – LOCATION PRIVACY organised by FWO project on Contextual Integrity
Academic *** Policy ** Business *
Chair: tbc
Moderator:
Panelists:
11.45 – CAN AUTOMATED PROCESSING MAKE NOTICE/CHOICE MORE
EFFECTIVE FOR USERS AND DPAS organized by Fordham University
Academic ** Policy ** Business **
Online privacy policies are a pillar of the consent model for the protection of individu-
als. Yet, website privacy notices are notoriously confusing, verbose and ineffective for
users. Technologists have sought to develop a variety of mechanisms to improve the
effectiveness of privacy notices as a means to convey policies to users. Most recently,
experiments show that automated and semi-automated natural language processing may
be able to extract on a mass scale the meaning of terms from website policies and then
convert those terms to understandable information in a meaningful way for users.
These experiments hold promise not just for users, but also for enforcement agencies.
How can automated and semi-automated natural language processing be used to in-
terpret privacy policies?
What implications do these technological tools have for drafting privacy policies?
How can these technologies help users?
How might these tools be used by enforcement agencies (e.g. large scale identifica-
tion of faulty, confusing or deceptive privacy policies)?
Chair: tbc
Moderator: Cameron Russell, Fordham University (US)
Panelists:
* Joel Reidenberg, Fordham University (US)
* Travis Breaux, Carnegie Mellon (US)
* Norman Sadeh, Carnegie Mellon (US)
* Clarisse Girot, CNIL (FR)
* Alexander Dix, Berlin Data Protection Commissioner (DE)
21 /
33
13.00 lunch break
14.00 – THE PRICE TO BE LEFT ALONE: CAN THE MARKET YIELD
PRIVACY organised by University of Washington
Academic ** Policy ** Business **
Chair: tbc
Moderator: tbc
Possible Panelists: tbc
15:15 coffee break
15.30 – THE EMERGENCE OF PRIVACY COMPANIES: PRIVACY AS A
COMPETETIVE ADVANTAGE? organised by Fraunhofer ISI
Academic * Policy ** Business ***
Only until recently a few start-ups and niche suppliers explored possibilities to offer IT
services and products with privacy-by-design features as a unique selling point. Fueled
by the NSA spying scandal, these companies are now facing a rapidly increasing de-
mand in privacy-friendly technologies. Especially in the highly dynamic field of mobile
computing, innovative products such as the encrypted instant messaging service
Three-
ma or the bug-proof
Blackphone have started to successfully enter the market. The panel
aims to discuss the following questions:
Is there a business case for privacy in practice?
What prospects do privacy companies have?
What are the legal and practical boundaries?
What role does the new EU Data Protection Regulation play in that respect?
What consequences does privacy as a commodity imply?
Chair: Philip Schütz, Fraunhofer ISI (DE)
Moderator: Marit Hansen, Independent Centre for Privacy Protection Schleswig-
Holstein (DE)
Panelists:
* Phil Zimmermann, Silent Circle/Black Phone (US) tbc
* Rolf Wendolsky, JonDonym (DE) tbc
* Nicolas Dubois, EU Commission (EU) tbc
* Alessandro Acquisti, Carnegie Mellon (US) tbc
22 /
33
16.45 - PRIVACY & INNOVATION organised by LSEC and IPASCO
Academic ** Policy ** Business **
Chair:
Moderator:
Panelists:
18.00 cocktail
Maison des Arts
08.45 - UNDERSTANDING THE DATA PROTECTION AND PRIVACY ISSUES
SURROUNDING HUMAN TRAFFICKING Organised by CPDP
Academic *** Business ***
Increasingly civil society and academics focused on anti-human trafficking issues are
turning to “big data” analytics to support their efforts. These data applications, however,
introduce novel challenges and exacerbate old issues in dealing with data protection and
privacy. Regulations or guidelines for non-governmental actors operating in this space
tend to be lacking or out-dated, if they exist at all. Additional complexities emerge in
the effort to balance the challenges of instilling responsible data protection and privacy
measures without undermining or needlessly stifling the positive contributions to which
NGOs in this space contribute. This Panel will seek to address some of the challenges in
this domain including identifying applicable privacy issues, outlining concrete measures
for establishing sound information systems, and instituting operational practices that
address organization objectives while also proactively ensuring responsible data stew-
ardship as it pertains to particularly vulnerable populations.
Aims to further the discourse on data protection and human trafficking
Aims to discuss best practices in approaching research in line with ethical and data
protection requirements
Aims to identify applicable privacy issues.
Aims to outline best practice measures outlining concrete measures for establishing
sound information systems, and instituting operational practices that address organi-
zation objectives while also proactively ensuring responsible data stewardship as it
pertains to particularly vulnerable populations.
Chair: Courtney Bowman, Palantir Technologies (US)
Moderator: Julia Muraszkiewicz, Vrije Universiteit Brussel (BE)
Possible Panelists:
23 /
33
* Felicity Gerry QC, 36 Bedford Row Chambers (UK)
* Ryszard Piotrowicz, Aberystwyth University, (UK)
* Baerbel Heide Uhl, datACT - data protection in anti-trafficking action, (DE)
* Jennifer Kimball, Polaris Project, (US)
10:
00 coffee break
10.30 – REVENGE PORNOGRAPHY: LEGAL AND POLICY ISSUES organized
by CPDP & University of Strathclyde
Academic ** Policy ** Business **
Chair: tbc
Moderator: tbc
Panelists:
Nishant Shah: academic (university of Hamburg): ok
Walter Coenrats: Belgian FCC (security regulator): tbc
Holly Jacobs: end revenge porn (US victims organisation): ok
Member of the House of Lords: TBC
11.45 – WHEN PORN AND PRIVACY COLLIDE – WHO’S TRACKING YOUR
DIRTY LITTLE SECRET? organized by University of Luxembourg and University of
Münster
Academic **** Policy **
The panel focuses on the relationship of the regulation of pornography, including child
pornography and privacy. It intends to shed light on how the regulation of pornography
(and sometimes child pornography) is used to “censor” content at the Internet. We will
first speak about the difference between the search for perpetrators of child pornography
at the internet and the legal use of regular pornography. Whereby the search for perpe-
trators of child pornography may be even deterred by privacy concerns (we will refer to
a German example), the use of regular pornography becomes increasingly regulated and
this regulation also impacts Article 8 ECHR/CFR. For the latter case we will refer to the
UK example and discuss how recent British opt-in content policies effect individual
rights. We will also take a look at the technical site of identifying and tracking users of
pornography.
Regulation of pornography in Europe
Relation between privacy and pornography
UK opt-in policy and Article 8 CFR/ECHR
Identifiability of customers of pornography
Chair: Franziska Boehm, University of Münster (DE)
24 /
33
Moderator: Mark Cole, University of Luxembourg (LUX)
Panelists: * Brian Donald, Europol (EU) tbc
* Lawrence Siry, University of Luxembourg (LUX)
* Sandra Schmitz (DE) tbc
* Representative from RedTube tbc.
14.00 – FEMINIST PERSPECTIVES ON PRIVACY AND DATA PROTECTION
organized by CPDP
Academic ** Policy ** Business **
Chair: tbc
Moderator: tbc
Panelists: tbc
Valerie Steeves, Universit of Ottowa (CA)
Hille Koskela, University of Turku (FI) (tbc)
Julia Reda, Pirate Party (EU) (tbc)
15.15 coffee break
15.30 - ACADEMIC SESSIONS
16.45 - ACADEMIC SESSIONS
18.00 cocktail
Day 3 - FRIDAY 24TH JANUARY 2014
Grande Halle
8.45 – LAW ENFORCEMENT INTERNET JURISDICTION organized by CPDP
Academic ** Policy ** Business **
Chair: Paul De Hert, VUB (BE)
Moderator: tbc
Possible Panelists: tbc
10.00 coffee break
25 /
33
10:30 – SURVEILLANCE AND INTELLIGENCE AGENCIES organised by
CPDP and University of Passau
Academic ** Policy ** Business **
Chair: Gerrit Hornung (University of Passau)
Moderator: tbc
Panelists: tbc
11:45 – WHO BEST WATCHES THE WATCHERS? organised by CPDP
Academic ** Policy ** Business **
Chair: Bryan Cunningham
Moderator: tbc
Panelists : *Alex Deane (UK)
*Nico Van Eijk, IVIR (NL)
*Francisca Boehm, University of Münster (GE) (tbc)
*Sylvain Metille (tbc)
*Omer Tene (tbc)
13.
00 lunch break
14.00 – SMART PHONES AND LAW ENFORCEMENT organized by Max Planck
Institute tbc
Academic ** Policy ** Business **
Chair: tbc
Moderator: tbc
Panelists: Daniel Drewer, Europol (EU)
15.15 coffee break
15.30 – REVIEWING INTELLIGENCE SERVICES, DATA COLLECTION AND
EU/US RELATIONS organized by CPDP
26 /
33
Academic ** Policy ** Business **
Chair: Paul Nemitz, European Commission (EU)
Moderator: Giovanni Buttarelli, EDPS (EU)
Panelists:
*Caspar Bowden, Independent Privacy Advocate (FR)
*Peter Swire, Georgia Tech. (US)
16.45 – CONCLUDING NOTES
17.00 – RECEPTION (SPONSORED BY BRUSSELS HUB)
Petite Halle
08.00 –FREE (DPA MEETING IRISS)
10:00 coffee break
10:30 – THE IMPLICATIONS OF THE CJEU JUDGEMENT ON DATA
RETENTION
Academic ** Policy ** Business **
Chair: tbc
Moderator: tbc
Panelists : tbc
11:45 – JUDICIAL ACTIVISM IN THE FIELD OF DATA PROTECTION LAW:
A THREAT TO THE EUROPEAN REGULATOR? organised by Maastricht Uni-
versity
Academic ** Policy ** Business *
The panel will address the question as to how much the European courts actively shape
the content of the fundamental right to data protection. In the light of brisk development
of information technologies and the inability of the existing and proposed legislation to
quickly adapt to these changes, the courts seem to take an increasingly proactive role in
this field, for example, by creating new fundamental rights, such as the right to be for-
gotten (CJEU:
Google Spain case) or the right to Internet access (German Supreme
Court:
Decision No. III ZR 98/12). However, can such a judicial activism be legally
justified and is it desirable from a policy perspective? The panel will thus address the
question whether the courts are, in their (over)zealous attempts to enhance data protec-
27 /
33
tion, actually overstepping their judicial competences and encroaching upon those that
are traditionally vested in the legislator.
Judicial activism in data protection law
The fundamental right to data protection
The separation of powers between legislative and judicial branches
The interplay between the Court of Justice of the European Union and national courts
Chair: Bruno de Witte, Maastricht University (NL), European University Institute (IT)
Moderator: tbc
Panelists
* Marko Ilešič, Judge, Court of Justice of the European Union (EU)
* Giovanni Sartor, European University Institute (IT)
* Maja Brkan, Maastricht University (NL)
* Gloria González Fuster, Vrije Universiteit Brussel
* Johannes Eichenhofer, University of Bielefeld (DE)
13:
00 lunch break
14.00 – DATA TRANSFER INTEROPERABILITY IN THE AREA OF
FINANCIAL SERVICES organized by Korea University
Academic ** Policy ** Business **
Chair: tbc
Moderator: tbc
Panelists : tbc
15.15 coffee break
15.30 – CORPORATE TRANSPARENCY organised by CPDP
Academic ** Policy ** Business **
Chair:
Moderator:
Panelists:
28 /
33
La Cave
08.45 - DRONES AT THE MARGINS: RPAS APPLICATIONS FOR
COMMUNITY AND CITIZEN-LED APPLICATIONS organised by JRC Academic ** Policy ** Business **
Remotely piloted aviation systems (RPAS or
drones) are aerial vehicles that fly without
an on-board pilot, as well as the systems that support them to do so. Perhaps the most
established and visible applications of RPAS are for military purposes, but many appli-
cations have been identified for civil purposes, including environmental monitoring,
security, emergency response, surveillance, and recreation. The technologies for such
applications are (largely) ready for market, and the principal barriers to their develop-
ment are regulatory. Several member states issue permits for state and commercial us-
ers, and the European Commission is exploring how larger RPAS (>150kg) can be inte-
grated into European airspace.
Some privacy and data protection implications aspects of RPAS development for state
and commercial actors (professional photographers, police forces, etc.) have been iden-
tified. However, less attention has been paid to non-institutional or ‘marginal’ users,
such grassroots community initiatives, applications in development contexts, and citi-
zen-led activities for non-commercial, non-state purposes. These operators may face
different challenges to more established commercial and public institutions. For exam-
ple, operators may not fully understand and appreciate their privacy and data protection
responsibilities, or may not have sufficient resources (expertise, time and budget) to
meet these responsibilities effectively.
Examples of marginal RPAS applications and their differences with state and com-
mercial uses
How privacy and data protection aspects of these RPAS applications has been man-
aged
Scanning the horizon for emerging problems and solutions.
Chair: Philip Boucher, JRC: Institute for the Protection and Security of the Citizen
(EU)
Moderator: Kristin Sandvik, PRIO (NO)
Panelists: * Apostolos Malatras, JRC: Institute for the Protection and Security of the Citizen (EU)
* Austin Choi-Fitzpatrick, Central European University (HU)
*Drones used in development contexts, Drone adventurers
tbc
*Drones used in journalism tbc
10.00 coffee break
29 /
33
10.30 – ONLINE PRIVACY VERSUS FREEDOM OF SPEECH: BALANCING
RIGHTS IN THE EUROPEAN CONTEXT organized by University of Amsterdam
Academic ** Policy ** Business **
The right to privacy has gained its momentum. Privacy on the internet no longer is an
illusion, that is, in some respects. A growing number of people actually care about their
online privacy. But what if one person claims a right to free speech, and another wants
respect for his privacy. With a growing number of internet users and particularities of
online speech, values inherent in the fundamental right to privacy seem to be particular-
ly vulnerable. Europe, where privacy is rooted in the notion of dignity, became the norm
entrepreneur in this respect. Both on the legislative as well as judicial level, there is an
ongoing trend towards enhancing the protection of privacy, reputation and other person-
ality rights in the online environment. However, such trend does not remain without an
impact on the right of online freedom of speech.
Chair: Arno Lodder, Counsel SOLV Advocaten (NL)
Moderator: Tijmen Wisman, VU University Amsterdam (NL)
Panelists : Magdalena Jozwiak VU University Amsterdam (NL)
Industry Representative (tbc)
Academic, working on law and freedom of speech/reputation (tbc)
Policy Representative (tbc)
11:45 – DO-IT-YOURSELF PRIVACY PROTECTION: EMPOWERMENT OR
BURDEN? organised by the Privacy Forum
Academic ** Policy ** Business **
Chair: Michael Friedewald, Fraunhofer ISI
Moderator: tbc
Possible Panelists: tbc
Paul C. Johannes, University Kassel (DE)
Benjamin Lange, Fraunhofer S, (DE)
13.
00 lunch break
14:00 – CITIZENS’ ATTITUDES TO PRIVACY, SURVEILLANCE AND
SECURITY (1) organised by the PRISMS and SurPRISE Projects
Academic *** Policy ***
30 /
33
There is the need to re-examine the relationship between security, surveillance and pri-
vacy – which is commonly positioned as a ‘trade-off’. Where security measures and
technologies involve the surveillance of citizens, their privacy is being infringed. These
infringements of privacy are usually seen as an unavoidable cost of enhancing individu-
al and/or societal security. Similarly, it is assumed that citizens are accepting this trade-
off. This common understanding of the security-privacy relationship, both at state and
citizen level, has informed policymakers, legislative developments and guided security
policies across the EU over the past years.
Chair: Marc van Lieshout, TNO (NL)
Moderator: tbd
Panelists: tbd
15:
15 coffee break
15:30 – CITIZENS’ ATTITUDES TO PRIVACY, SURVEILLANCE AND
SECURITY (2) organised by the PRISMS and SurPRISE Projects
Academic *** Policy ***
There is the need to re-examine the relationship between security, surveillance and pri-
vacy – which is commonly positioned as a ‘trade-off’. Where security measures and
technologies involve the surveillance of citizens, their privacy is being infringed. These
infringements of privacy are usually seen as an unavoidable cost of enhancing individu-
al and/or societal security. Similarly, it is assumed that citizens are accepting this trade-
off. This common understanding of the security-privacy relationship, both at state and
citizen level, has informed policymakers, legislative developments and guided security
policies across the EU over the past years.
Chair: Marc van Lieshout, TNO (NL)
Moderator: tbd
Panelists: tbd
22:00 - PRIVACY PARTY
Maison des Arts
08.45 – LEGAL AND ETHICAL ISSUES OF BIOMETRICS AT BORDER
CROSSINGS organized by ABC4EU
31 /
33
10:
00 coffee break
10.30 – CREDIT SCORING organized by IRISS Project
Academic ** Policy ** Business **
Chair: tbc
Moderator: tbc
Panelists : tbc
11.45 – NEIGHBORHOOD WATCH organized by IRISS Project
Academic ** Policy ** Business **
Chair: tbc
Moderator: tbc
Panelists : *Alexander Neumann, IRKS (AT)
14.00 – PRIVACY IN COMPUTER SCIENCE EDUCATION organised by the
University of Ulm Academic *** Policy ** Business *
Privacy plays a more important role in new computer science and information systems
curricula as reflected, e.g., in the ACM/IEEE CS curriculum 2013. Still, the topic is
often scattered between a pure policy/civil rights topic (being treated non-technically),
an HCI topic, or being part of a security course (where it is often neglected in favor of
core security aspects). In this panel we will discuss different approaches to privacy in
CS education and how to make it a first-class citizen that allows an integrated treatment
of policy, organizational and technical approaches so that students can learn that good
privacy comes from understanding policy and implications of missing privacy, knowing
how to analyze privacy issues in IT systems (e.g., through PIAs), and applying the right
tools (like minimization or attribute-based credentials) to build truly privacy-preserving
systems.
The role of privacy in education
Approaches to reflect privacy holistically in the curriculum
Quality of current curriculum proposals
32 /
33
Strategies for enhancements
Chair: Frank Kargl, University of Ulm (DE)
Moderator: Claudia Roda, American University Paris (FR)
Panelists: * Carmela Troncoso, GRADIANT (ES) tbc
* Claudia Diaz, KU Leuven (BE) tbc
* Daria Catalui, ENISA (EU) tbc
* Carlo Ghezzi, Informatics Europe (IT) tbc
15.15 coffee break
15.30 – ETHICS OF THE SECURITY RESEARCHER organized by the P5 and
IPATCH projects
Academic ** Policy ** Business **
Chair: tbc
Moderator: tbc
Panelists: tbc
33 /
33