Click here to view programme

493 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
493
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Click here to view programme

  1. 1. Privacy Laws & Business 11th Annual International Conference Balancing New Data Protection Law with Changing Business Needs St. John's College, Cambridge, United Kingdom, 13th - 15th July, 1998 Programme Day 1 - Monday, July 13th, 1998 Time Title of Session Speaker 10.00 Registration in the Fisher Building (till 18.00) 11.00 Coffee 11.30 Parallel Sessions An outline of the new UK Data Protection Act Data protection/privacy developments in France and the compared with the current law (mainly for the USA private sector) • Marie Georges, Chef de Mission, International Antonia Lindsay, Compliance Officer, Office of the Data Relations, Commission Nationale de l'Informatique Protection Registrar, UK et des Libertés, Paris Naomi Powell, Strategic Policy and International • Robert Belair, Co-Editor, Privacy & American Officer, Office of the Data Protection Registrar, UK Business and Partner, Mullenholz, Brimsek & Belair, • Data users’/controllers’ obligations Washington DC • Data subjects’ rights • Registrar’s/Commissioner’s enforcement powers 13.00 Lunch 14.00 Chairman's introduction to the conference Stewart Dresner, Director, Privacy Laws & Business themes and visit to privacy web sites 14:15 On the point of change - the key differences Elizabeth France, Data Protection Commissioner, UK between the 1984 and 1998 legislation • Definitions • Rights and duties • The principles • Key exemptions • Timetable 15:30 The International Labour Office's Code of Professor Dr Spiros Simitis, Director, Institute of Labour Law Practice on the Protection of Workers' and the Research Centre for Data Protection Law, Personal Data: Would observing the code University of Frankfurt, Germany, Consultant to the mean compliance with "adequacy" under European Commission on data protection law the EU Data Protection Directive? 16:10 Tea 16.30 Balancing open government and data • Dr David Flaherty, Information and Privacy protection law Commissioner, British Columbia, Canada • Subject access: one-stop shopping or • Graham Davies, Policy Manager, Freedom of multiple remedies? Information Unit, Cabinet Office, UK • Third party rights and reverse FOI • Maurice Frankel, Director, Freedom of Information complaints Campaign, UK • Limit of commercial confidentiality • Elizabeth France, Data Protection Registrar, UK • Commercial use of public information Chair:James Michael, Director, Centre for Communications and Information Law, University College, London 18.00 Guided walks 18.30 Privacy Laws & Business UK Information Feedback and planning ahead session over drinks and Compliance Programme
  2. 2. 18.45 Drinks in St. John's College Garden 19.30 Dinner in The Hall 21.00 Data protection and public access to official Dr Ian Walden, Centre for Commercial Law Studies, QMW information College, University of London, and consultant Bird & Bird, In 1997, the European Commission funded a London study on this topic to develop principles and procedures by which public administrations can address this area of potential conflict. This session will present some of the findings of this study Day 2 - Tuesday, July 14th, 1998 Time Title of Session Speaker 08.30 Registration in the Fisher Building (till 13.00) 09.00 Chairman's introduction to the day's themes Stewart Dresner, Director, Privacy Laws & Business Implementation of the EU Data Protection Directive in Europe and its impact in other countries 09.15 How the EU Member States are implementing Professor Dr Spiros Simitis, Director, Institute of Labour the EU Data Protection Directive: Law and the Research Centre for Data Protection Law, Opportunities for developing and risks of University of Frankfurt, Germany, Consultant to the limiting data protection European Commission on data protection law and former Chairman of the Council of Europe's Committee of Experts on Data Protection 09.50 The EU Data Protection Directive: Professor Colin Bennett, Department of Political Science, The North American Response University of Victoria, British Columbia, Canada • The response in Canada • The response in the United States • The divergence of approach • The reasons for the divergence 10.05 Discussion 10.45 Coffee 11.15 Parallel Sessions New UK Data Protection Act Compliance Action Plan Contracts for international transfers of personal data Reassessing your data subjects' rights procedures The work of the Article 29 committee: using a standards approach: Nick Platten, Data Protection Consultant, and advisor to Dr. Hayden Kendler, Consultant, Privacy Laws & DG15, the European Commission Business The International Chamber of Commerce model Reassessing your vulnerability to prosecution and contract: enforcement action by the Data Protection Charles Prescott, Chair, Working Party on Privacy and Commissioner: Transborder Data Flows, US Council for International Angus Hamilton, Solicitor, Hamiltons and prosecuting Business solicitor representing the Data Protection Registrar New models for data protection contracts: Planning ahead: Understanding the transitional Robert Belair, Co-Editor, Privacy & American Business; provisions: and Partner, Mullenholz, Brimsek & Belair, Washington DC Chris Amery, Independent Consultant The Confederation of British Industry model contract • Transitional Relief - principles and definitions clauses • Data Covered by current Act Vivian Bowern, Chairman, CBI Data Protection Working • Data currently exempt but included in new Act Party • Manual data October 2001 - October 2007 Viewpoint of the UK's Data Protection Registrar: • Notification and procedural provisions Francis Aldhouse, Deputy Registrar • Conclusions • The role of international contracts Chair: Stewart Dresner, Director, Privacy Laws & • What will the Data Protection Commissioner be Business looking for?
  3. 3. • Comments on the specific model contract options presented in this session Chair: Simon Chalton, Solicitor, Bird & Bird, London 13.00 Lunch 14.00 Registration in the Fisher Building (till 17.30) Telecommunications and telemarketing 14.00 Applying data protection law to Julian Farrel, Head, European Communications Policy, telecommunications and telemarketing in the Department of Trade and Industry, UK UK: Chair: Christopher Millard, Partner, Clifford Chance, The New UK Telecommunications Data London; Chair CBI Working Group on Telecommunications Protection Regulations implementing the EU and Data Protection; Senior Visiting Fellow, Queen Mary Telecommunications Data Protection and Westfield College, University of London Directive 14.45 Parallel Sessions Question time with the lawyers Protecting privacy in electronic commerce and on the Questions you always wanted to ask on: Internet • The Data Protection Act <ALIGN="CENTER"1: Policies • The Computer Misuse Act Regulatory initiatives to protect privacy when using • The EU Database Directive and on-line services: • The EU Distance Contracts Directive Belgium, France, Germany and the UK Brief overview and an opportunity to put your Professor Paul Schwartz, Brooklyn Law School, New York, questions to specialist lawyers including: USA Simon Chalton, Solicitor, Bird & Bird, London • Convergences and Divergences in Member State • Control of databases through the new sui Law generis right • Possible Obstacles to the Internal Market Due to • The distinction between copyright protection of Divergences compilations and copyright protection of • Technical Solutions and Answers in Regulatory databases Policy Shelagh Gaskill, Partner, Masons, Leeds Assessing the adequacy of self-regulation for Internet Christopher Millard, Partner, Clifford Chance, London privacy: Example questions: The USA approach • developing a privacy policy/statement on a J. Beckwith Burr, Senior Internet Policy Advisor, NTIA, website: any recommendations for good models Department of Commerce, Washington DC, USA and for data controllers to take as a starting point for Associate Professor Mary Culnan,School of Business, planning? Georgetown University, Washington DC • how will the EU Directives on databases and • US approach to assessing adequacy distance selling affect our organisation? • Description of assessment methodology • When is a manual file a "relevant filing system" • Lessons learned and next steps for data protection law purposes in the future? Chair: Nick Platten, Data Protection Consultant, and • When is a collection of materials a copyright advisor to DG15, the European Commission database? Chair: Stewart Dresner, Director, Privacy Laws & Business 15:45 Tea Protecting privacy in electronic commerce and on the Internet 2: Company Practices 16.15 Achieving secure transactions and payments Chair: Chris Amery, Independent Consultant EU and UK planned laws on regulating Dr Ian Walden Centre for Commercial Law Studies, QMW signatures and certification authorities: College, University of London, and Consultant Bird & Bird, Implications for business London This session will review national regulatory Nick Grouf, CEO Firefly, Microsoft Corporation, Redmond, responses to this developing market segment, Washington State, USA particularly with reference to the recently Alan Laird, Business Manager, Electronic Commerce, Bull
  4. 4. published draft European Commission directive Information Systems, London and UK proposals for legislation Designing privacy awareness into your website/electronic commerce using Microsoft tools • How serving the individual benefits business • Personal information is intellectual property • How technology and existing contract law prove a potent combination How Europay, France, and other organisations use a smart card based security system to establish trust between the parties in electronic commerce transactions 17.45 Close 18.30 Privacy Laws & Business International Feedback and planning ahead session over drinks Newsletter 18.45 Drinks in St. John's College Garden and punting on the River Cam 19.30 Dinner in The Hall Day 3 - Wednesday, July 15th, 1998 Time Title of Session Speaker 08.30 Registration in the Fisher Building (till 13.00) Establishing privacy compliance policies and ensuring they are put into practice 09.00 Parallel Sessions An outline of the new UK Data Protection Act Raising and maintaining data protection awareness compared with the current law (mainly for the public Andrew Breakwell, Director of Marketing, Easy i, sector) Kenilworth, UK Antonia Lindsay, Compliance Officer, Office of the Data How The McGraw-Hill Companies developed, Protection Registrar, UK established and supervise their global privacy program Naomi Powell, Strategic Policy and International Officer, Cindy Braddon, Vice-President, Washington Affairs, and Office of the Data Protection Registrar, UK co-chair, Privacy Steering Committee, The McGraw-Hill • Data users’/controllers’ obligations Companies • Data subjects’ rights • The McGraw-Hill Companies is a global publishing, • Registrar’s/Commissioner’s enforcement powers financial and media company with 16,000 employees headquartered in the United States and with offices in 30 other countries. • The corporation sees its growth in global electronic commerce. • McGraw-Hill is determined to responsibly handle the personal data of their customers when doing business via the Internet. • The Corporation's policy is based on the tenets of Notice, Choice, Security, and Access and Review. • This Policy has been implemented domestically and has been applied to more than 80 of its websites. • McGraw-Hill aims to implement this Policy on a worldwide scale by the end of 1999.
  5. 5. 10.05 Chairman's introduction to the day, Stewart Dresner, Director, Privacy Laws & Business conference feedback and planning ahead 10.20 Auditing compliance with the Data Protection • Anne Chafer, Data Protection Officer, Act: The police approach Leicestershire Constabulary • Purposes of conducting Data Protection • John Black, Inspection Manager, Essex Police and Act audits Secretary, the ACPO Data Protection Committee • Maintaining operational effectiveness The speakers are co-authors of the 1998 Police Audit • Retaining public confidence Guide • Reviewing computer security 11.00 Coffee 11.30 How a Privacy Commissioner conducts a Dr David Flaherty, Information and Privacy Commissioner, privacy audit: A model for new-style British Columbia, Canada enforcement? • The goals of a privacy audit and site visit • The process of a site visit • A: Making choices • B: Advance notice to public bodies • C: The delivery of information packages to all public bodies • D: Time Allocations • Action: Doing a site visit • The walking tour The Home Office Minister's view 12.10 The Data Protection Act 1998: An overview George Howarth MP, Parliamentary Under-Secretary of State, Home Office, London 13.00 Lunch Regulating personal data in the fight against crime 14.00 The Crime and Disorder Act 1998: a police Guy Gardener, Chief Superintendent, Kent County view of multi-agency sharing of personal Constabulary data and its compatibility with the Data Jonathan Bamford, Assistant Registrar, Office of the Data Protection Act 1998. Protection Registrar • The long term trend towards multi- Michael Hall, Senior Consultant, Software Division, Bull agency work and its implications for Information Systems, Birmingham individual agencies. • Formulating Community Safety Plans – the reality of multi-agency crime audits and the need for data share. • Working together – some successes and some not so successful – overcoming difficulties. • What can we learn from the story so far – some recommendations for the future. Information sharing and surveillance: only the guilty have anything to fear? • Data Protection implications of the Crime and Disorder Bill 1998 • What are the limits to information sharing? • What are the data protection implications of closed circuit television
  6. 6. now and in the future? The smart warrant card concept: A smart card for the police to secure access to applications and data on police and third party systems to ensure Data Protection Act compliance 16.00 Close and tea

×