IAF 2024 Q2-3 Quarterly Spotlight
The second quarter has focused on building out the content for our two projects designed to support organization need to innovate responsibly with data while being responsive to compliance demands in Europe and the U.S. States – “Demonstrable Evidence of Accountability for U.S. States” and “Legitimate Interest for an AI World”. We conducted several participant interviews, held four workshops and published blogs on the topics. Final reports will be published in the fall.
April 1, 2024, IAF hosted a Cocktail Reception for members and friends. Chief Strategist Elizabeth Denham gave a talk on the necessary Renaissance of the Privacy Profession.
April 2, 2024, IAF Chief Strategist Elizabeth Denham hosted a conversation with Baker McKenzie Tech Policy Forum, on re-architecting governance in organizations in response to the demands of AI innovation. Discussants included IAF members and non-members.
April 3, 2024, IAPP Global Privacy Summit, IAF Chief Strategist Elizabeth Denham introduces keynote speaker Anu Bradford, author of “Digital Empires: The Global Battle to Regulate Technology.”
April 10-11, 2024, Elizabeth Denham CBE contributed to Canadian government discussions on Bill C27 approach to “the best interests of the child”.
April 11, 2024, a chat led by Elizabeth Denham unpacked the week after the IAPP Global Summit trends in information governance, the role of the privacy leader, and the omnipresence of AI.
April 15, 2024, Publication – IAF Comments to ICO AI Consultation, Part II. Strategists Lynn Goldstein and Steve Wood submitted the IAF comments, noting the consultation’s overly broad approach to generative AI, suggesting the distinction and nuance of “thinking and acting with data.”
April 16, 2024, Blog by Chief Strategist Elizabeth Denham, A Renaissance for the Privacy Profession. Liz shares her perspective on the external and internal drivers and changes pushing traditional privacy leaders into a renaissance approach – building and applying multiple new skills.
May 2, 2024, Demonstrable Accountability for U.S. States Business Workshop, San Jose, CA (hosted by IAF Advisory Board member Cisco). Business members provided feedback to the content and process to the normative risk framework.
May 9, 2024, a chat highlighting the insights from the business workshop on what Demonstrable Accountability with supporting evidence looks like in response to U.S. State laws. We learned that how the State requirements are driving deep thoughts about how to implement governance requirements in their own environment. Mid-May, 2024, Global CBPR Forum in Tokyo. IAF Senior Strategist Steve Wood represented IAF, moderating a panel on “Global CBPR Interoperability” with IAF Board Chair Scott Taylor (CPO, J&J), IAF Policy Board Member Jacobo Esquenazi (HP Inc), Stefano Fratta (Meta), Miguel Bernal-Castillerro (Canadian Privacy Commissioner’s Office) and Evelyn Goh (Singapore Government). Steve wrote about his observations and what’s likely next in a blog Global CBPR and the Long Dance towards Interoperability.
May 23, 2024, Policy & Strategy call on Digital Marketplace of Mental Health Apps and the broader privacy and security issues. Featured speakers: Maneesha Mithal, Partner, Wilson Sonsini (former Head, FTC Privacy and Identity Protection Division); Jolynn Dellinger, Senior Lecturing Fellow in Privacy, Ethics, and Technology, Duke University School of Law; IAF strategist Marc Groman.
May 30, 2024 and June 2, 2024, Legitimate Interest for an AI World Business Workshop, Dublin, Ireland and London (hosted by IAF Board members IPG and Cognizant). Business members provided feedback to the content and process for the Legitimate Interests assessment.
June 13, 2024, a chat on all things Europe -What might be the policy impacts and implications resulting from the dramatic EU Parliamentary elections, and what shifts can be anticipated out of the upcoming UK elections.
June 20, 2024, a Policy & Strategy call about the increasing demands from the C-Suite and regulators to create sustainable data and technology frameworks, changing the role of privacy and privacy professionals in an age of Gen AI and sprawling new legislation. Do we face a renaissance in the profession in an unpredictable world? Featured speakers Hilary Wandall, Chief Ethics and Compliance Officer, Dun & Bradstreet, and Lauren Reid, Founder, The Privacy Pro.
July 10, 2024, Multi-Stakeholder Session on Demonstrable Accountability for U.S. States, Pleasanton, CA (hosted by IAF member Workday). Business members, academics and regulators (California and Colorado) provided feedback to improve the content and process to the risk framework under development.
July 18, 2024, Policy & Strategy call was a deep dive into what we learned during the multistakeholder session, attended by regulators, academics and business – and what’s next for business as we see the passage of over 20 U.S. state privacy laws and one state AI Act, almost all of these states require a risk or data protection assessment which are broader in scope than other impact assessments. Sheila Colclasure and Stan Crosley were featured commenters.
July 25, 2024, a chat about the evolving nature of expectations of assessments in light of AI innovation. The U.K. ICO Office decision on Snap's My AI and the need for a complete DPIA and DPA consultation per GDPR Articles 35 and 36, and the NIST plan to align its Privacy Framework (PF) V.1.0 with NIST Cybersecurity Framework (CSF) v.2.0, plus future alignment with the AI Risk Management Framework (AI RMF). July 31, 2024, IAF submits comments to the U.S. NTIA on the NIST Privacy Framework v1.1 Concept Paper. August 9, 2024, Blog by IAF President Barb Lawler noting that the IAF Sees NIST Making Notable Advances in Their NIST Privacy Framework v.1.1 Concept Paper. Coming Up: September 11-12, 2024, IAF Annual Member Retreat (hosted by J&J, New Jersey) September 26, 2024, Multi-Stakeholder Session on Legitimate Interest in an AI World, Dublin, Ireland (hosted by IAF member Workday). Business members, academics and DPAs will provide feedback to the content and process to the Legitimate Interests assessment for uses of AI. October 28, 2024, 3-5pm, Global Privacy Assembly in Jersey - side event on the results of the Legitimate Interest Assessment for AI and Forward-looking Projects.
2024: Quarterly Spotlight - Q2-3
September 2024
Home / Publications /