Category Archives: Chair news

Do you have a resolution idea to table at this year’s ICDPPC?

Are you looking to co-sponsor or contribute as an ICDPPC member to this year’s Conference resolutions?

The ICDPPC Executive Committee is aware that many members want to get as much as possible out of their membership of the ICDPPC. Engaging with the development of the Conference Resolutions is a great way to get involved. As we embark on that time of the year when we consider what will be tabled for adoption at the next Conference, further guidance about how you can track developments or indeed take the lead has been produced to assist you in your understanding and engagement with the ICDPPC Resolutions tabling process.

The following guidance on the Resolutions process follows the update of the Conference Rules and Procedures in 2018.

More reasons for this guidance:

• This guidance aims to provide both you as a member and the Executive Committee, including the Host Authority, with a clearer idea of what to expect at the Conference Closed Session.
• Your adherence to the resolutions process will help you as an ICDPPC Member with your individual decision-making on what to expect from this year’s Conference, particularly useful around the time when you are considering whether to attend.

The process also facilitates the Executive Committee’s job in bringing you the best plan for the ICDPPC 2019 Closed Session.

Read the FAQs document on the resolutions process.

The ICDPPC’s Executive Committee has launched a consultation for members on six policy areas, as well as proposals for policy priorities and actions for 2019 – 2021.

ICDPPC members will have received an email with more information about the policy strategy and how to respond to the consultation, which closes on 6 June 2019. If you have not received it, please email excosecretariat@icdppc.org.

Both French and Spanish versions of the documents are being prepared and will be shared when available.

Elizabeth Denham, Chair of the ICDPPC Executive Committee, said:

“At our 40th ICDPPC Conference in Brussels last October, we were proud to adopt the Roadmap Resolution, a clear clarion call to strengthen our committee’s core policy role and influence in advancing privacy and data protection at the international level.

“The next step is to identify the priorities to maximise that global impact. We need your expertise and insight.

“We all face the challenge of limited resources and an ever growing list of challenges that need our attention. In that context, it is crucial that we choose priorities that we all share, and we can all support to carry our goals through to fruition.

“It was with this intention that my fellow Executive Committee Members and I devoted two days at our recent meeting in London to explore the issues and to develop a proposal setting out policy priorities.

“We believe the approach we are proposing is one that will position us to remain relevant for the years ahead. But our vision must be a shared one. I hope I can rely on your input ahead of the 6 June deadline for views on this defining piece of work.”

All responses will be considered for a revised proposal for further consultation with the membership.

For further information, please email excosecretariat@icdppc.org.

The 2019 ICDPPC Open Session Programme Advisory Committee (PAC) has recently been established and has met to appoint the final speaker line-up and content of the Open Session agenda in Tirana this October. The ICDPPC is honoured that Peter Hustinx, former European Data Protection Supervisor, and currently non-Executive Director at the ICO has agreed to co-chair the PAC. We will provide further updates from the Co-chairs in due course.

Find out who the members are here.

Dear Colleagues

Progress in 2018

2018 has been a pivotal year for the ICDPPC community, both in terms of determining our own identity and way forward, and in establishing our place on the international stage, with data protection at the heart of so many policy debates.

The fantastic annual meeting in October, so ably co-hosted by EDPS and Bulgaria, has set us on a productive path forward.  May I once again pay tribute to Giovanni Buttarelli and Ventsislav Karadjov and their teams for the enriching and stimulating discussions as well as their generous hospitality.

We now have a Roadmap to guide the development of the ICDPPC from an annual meeting to a visible and vocal body that can engage effectively with the policy issues of the day.  This is thanks to the excellent work led by our French and Canadian colleagues and the contributions from across the membership.  The Declaration on Ethics and Data Protection in Artificial Intelligence (AI), setting out our guiding principles and our joint call for common governance principles, was a significant achievement. We must continue to build on this.

Looking Forward

There is much work to do to realise the ICDPPC community’s vision and ambition. The new Executive Committee has already had two (virtual) meetings in the last 2 months to map out priorities for the year ahead and how we will help to deliver them. These include:

• formulating a 2019 – 2021 strategic plan, for adoption at the next annual meeting in Albania, underpinned by a clear set of policy priorities, issues and themes, to inform the ICDPPC’s work and our outreach to other organisations and to civil society;
• developing a communications plan to support these policy priorities; and
• strengthening the ICDPPC’s role in capacity building for its members, for which we have heard a clear demand, particularly from newer members.

I am delighted that we have such a diverse ExCo membership, and am grateful to dedicated colleagues for being willing to join our meetings at the crack of dawn or at midnight to bridge the time zone differences.

Our Working Groups will continue to play a crucial role in generating ideas and supporting implementation of the commitments we all made in Brussels. Diverse representation will be important here too. If you are interested in joining one of them, including the new WG on Ethics and Data Protection in Artificial Intelligence (AI), please contact the Secretariat (excosecretariat@icdppc.org) or the relevant Chair.

We are also looking for volunteers for the network of translating members to assist the Secretariat in translating key documents; this is important to help maximise the impact of our resolutions and declarations. Please contact the Secretariat if you can help. We will focus on English, French and Spanish initially but all offers welcome.

I am honoured that you have placed your trust in me, as Chair of the Executive Committee, to steer our work at this critical juncture. I look forward very much to working with you all to make a reality of the vision we have jointly articulated.

Elizabeth Denham
Chair of the ICDPPC Executive Committee

In just a few days, we’ll all be together in Brussels. The ICDPPC Secretariat and our host are working full steam to make sure that everything runs smoothly and that we’re all set for what promises to be an exceptional annual meeting!

I guess you are now all ready and looking forward to our yearly reunion. For some of you, I know it even means a very long trip, and for all of us, a lot of energy and preparation! But before jumping into the week, please get some rest and take a moment to think about our upcoming debates, to look back at the past year and to put all this into perspective with our frenzied surrounding world.

A big discussion is expecting us in Brussels, about our organisation and our common project. It’s true, we are going to talk about ourselves maybe a bit more than usual. But it is certainly for a good cause!

I hope we’ll have an open debate with one thing in mind: the future of the Conference as an organisation, which we can for sure make more visible and audible. Make no mistake, this won’t be a self-centred exercise but rather an attempt to open up and strengthen our role at international level. And we’ll even be able to prove all this right with our discussions on ethics and data protection in artificial intelligence.

In the end, while we are all getting ready for our fortieth annual meeting, we are also on our way to have the ICDPPC ready for the years to come and the challenges ahead. This is to me a very exciting perspective which make me look forward to our exchanges and debates. Oh, and of course, you have to get ready for Belgian waffles and chocolate, because they’ll be all around next week!

See you all in Brussels,

Isabelle Falque-Pierrotin

Fast forward. Never a dull moment. That’s how the past months have been going for all of us! While Europeans have been busy with the application of the GDPR, the rest of the world also had to address many privacy and data protection concerns, not to mention the fallout of the Cambridge Analytica revelations. All this of course in addition to our daily tasks and business, and with many eyes looking at the DPA community at international level.

We are certainly not alone, and people are more and more turning to us for guidance and answers. I have experienced this while in Washington late March at the IAPP global summit, and even more in May at the RightsCon Conference in Toronto, a global summit on human rights in the digital age which gathered more than 2000 participants from all horizons. Discussions there were vivid and refreshing, making the case for something which is already obvious for most of us: privacy and data protection can no longer be considered as a mere legalistic issue. It’s now part of our daily life and at the crossroad of many of today’s hot topics such as artificial intelligence, fake news and the right to information, freedom of expression, etc… We can no longer think in silos. We need to open up. And we need to keep our ears wide open and to listen.

The ICDPPC has actually been in an intense listening mode this year! A last consultation round on the future of the Conference has been held in the margins of the European Spring Conference in Tirana in May, and we opened a public consultation to hear views from external stakeholders on our future objectives and missions. Together with colleagues from the OPC Canada, we also took the opportunity of the RightsCon conference to hold a side meeting with representatives of civil society organisations from all around the globe. We gain valuable insights on current expectations towards authorities at international level which will share with you. Oh, and by the way, the Canadian spring was gorgeous and very sunny!

I’m most pleased to see that the strategic consultation agreed in Hong Kong has been a real success, and above all, a healthy exercise which allowed the direct and indirect contribution of most of the ICDPPC members. In total, almost 70 authorities took part to the various consultation rounds held throughout the year and around the globe! Even our website opened up, featuring 5-minutes interviews with key stakeholders such as the UN Special Rapporteur on the right to privacy, the Internet Freedom Foundation of India and Max Schrems. By listening, both internally and around us, one thing is already clear: our future missions and challenges will have to be addressed collectively and inclusively. Cooperation and inspiration beyond our own remits will be key to shape our future objectives and common project.

So, we’ve been listening, we’ve opened up and we now need to start thinking and building. That’s actually our programme for Brussels in October (registration is now open with a special rate for early birds, don’t forget!). In order to get ready for this, we welcomed in Paris two weeks ago a meeting of the Working Group on the future of the Conference. On that same day, the ICDPPC drafting team on artificial intelligence also gathered in our building to prepare for the debate and deliverables in Brussels on one of the top challenge ahead of us. I’m not sure participants had a chance to enjoy the charms of Paris, but the sacrifice was probably worth it, since we made really good progress!

Finally, please pay attention to the upcoming communications from the secretariat, as the closed session is taking shape and you will soon receive more news and details. The work undertaken ahead of our next annual meeting already shows that we are now more than a yearly gathering of authorities. But are we ready to build a new governance model? A real international organisation? We need to build answers to these questions. We also need to build bridges. All this takes time, maybe several years… but we have the whole summer to start making plans and propose some kind of evolution at our October meeting!

Cheers!

Isabelle Falque-Pierrotin

Chair of the International Conference Executive Committee

Public consultation on the future of the International Conference of Data Protection and Privacy Commissioners (ICDPPC)

The Conference seeks to provide leadership in data protection and privacy at the international level. It does this by connecting the efforts of 119 privacy and data protection authorities from across the globe.

The ICDPPC is a unique network which purposes and main objectives at present are: to promote and enhance internationally personal data protection and privacy rights; to improve data protection and privacy by providing a forum that encourages dialogue, cooperation and information sharing; to draft and adopt joint resolutions and declarations on subjects that warrant the common interest or concern of the accredited members, and promote their implementation; to be a meeting point between accredited members and other international fora or organisations that share common objectives; to encourage and facilitate cooperation and the exchange of information among accredited members, in particular regarding enforcement actions; to promote the development of international standards in the field of protection of personal data.

The Conference is headed by its Executive Committee and is also composed of numerous working groups. It meets annually in a closed session of its members and observers; an open session is also organized in which leading privacy experts from industry and civil society participate.

At its latest annual meeting in Hong Kong in September 2017, the ICDPPC initiated a strategic consultation among its members in order to further define its objectives, identity and structure (Project Page). With a view to complement this internal process, the ICDPPC is launching a public consultation open to all individuals or organisations willing to give their views about the future of what has been the premier global forum for data protection authorities for nearly four decades now.

Should you wish to participate in this consultation, please consider the following indicative questions in order to develop your contribution:

• In your view, what should be the main objective of the ICDPPC as an international network of data protection authorities? What are your main expectations regarding the ICDPPC activities and outcomes in the field of privacy and data protection for the years to come?
• Which key privacy and data protection challenges should the ICDPPC address as a priority in the future? Do you consider that organisational or structural changes are needed for the Conference to succeed in delivering on such challenges?
• As an external stakeholder, do you foresee the need for an increased role and visibility of the ICDPPC at the international level? If yes, which tools and activities should the ICDPPC develop for this purpose?

When submitting your contribution, please, indicate the response to the questions below:

• What interest group do you belong to? (select)
  • Observer of the ICDPPC
  • NGO
  • Business /industry
  • Academic /think tank
  • Public authority
  • Government
  • Other (please specify)
• Have you participated in the ICDPPC as a delegate or a speaker in the past five years? Yes/No.
  If yes, what was your main objective to achieve at the conference? (please select all that apply).
  • Networking with privacy enforcement authorities
  • Understanding the latest developments in privacy/data protection
  • Networking with other non-privacy enforcement authority delegates
  • Speaking on a specific topic (keynote, panel etc) or exhibiting
  • Other (please specify)

  Read More

Hello to all of you, “The future is bright”. This was one of the slides presented by a speaker from civil society at last week’s conference in Casablanca. The African Network of data protection authorities was meeting and analysing how data protection could be a development leverage for the continent.  The discussion was truly inspiring, so many ideas and so much energy among all actors. Of course, a lot of challenges remain. But the African “digital revolution”, as some may call it, could offer a real opportunity to integrate from the start privacy and data protection in the digital ecosystem they want to build, attractive for consumers and investors.

The day after the conference, sun was still shining in Casablanca. The African network held its general assembly, starting with a discussion on the future of the International Conference, making its voice heard on the road we want our organisation to take.  With all these regional conversations through which ideas and needs are expressed, I believe we have a unique opportunity to build a collective project for our Conference. And I am eager to see the working group in charge making the most of these inputs.

Three weeks ago, a bright sun in Brussels also welcomed the election of our colleague Andrea Jelinek as the new Chair of the Article 29 Working Party. I had the opportunity to pass on all my wishes of success to Andrea, whom I am sure will deliver on the upcoming new chapter for data protection in the EU with the effective application of the GDPR as of 25th May.

25th May, this date has been repeated over and over during the last two years. Some commentators made it an absolute deadline, sometimes depicting it as a global data protection big bang. But it is not a revolution, most of the principles are known since 1995. It is actually more like a step forward, or a jump ahead, for which companies around the globe as well as data protection authorities have been preparing intensively. Europeans are now busy finalising the setting up of the European Data Protection Board, the final stage of the new EU governance model, which will be key to ensure the consistent application of the new European data protection regime, but also its interactions with authorities outside the Union.

In Brussels, the Article 29 Working Party also organized its session on the future of the Conference. I had the pleasure to chair the meeting together with a representative of the Office of the Privacy Commissioner of Canada. A report on the talks is already available.

Now I’m back in Paris. We are freezing below zero and there is no sun. But light can come from virtual things nowadays! I am glad to tell you that, through the poll that has been organized, our members have chosen artificial intelligence as the key theme for our closed session in October. Artificial intelligence being the new buzzword in the media, the next big thing or even sometimes the subject of fanciful analysis, it may be useful for us to take a clear stance on the matter, and to define our common interpretation on how best to address this technological development from a privacy and data protection perspective in the future.

As you can imagine, the Brussels annual conference already keeps the ICDPPC Executive Committee busy, with the preliminary work on the preparation of the closed session, on which I’ll be keen to keep you updated in future communications. I know for sure that we won’t be missing topics for discussion in Brussels since, when it comes to privacy and data protection, there is always something new under the sun!

Yours truly,

Isabelle Falque-Pierrotin

Chair of the International Conference executive committee

For this first message since Hong-Kong and even if it was quite a long time ago I would like to start by thanking Stephen Kai-yi Wong and the Office of the Privacy Commissioner for Personal Data in Hong Kong for hosting such a wonderful Conference. It was a great moment but also a symbolic one because we, collectively, as the Conference, decided to set up the scene for our future. This is extremely positive since it shows that we have come to a mature stage where we can ask fundamental questions such as: who are we and where do we want to go collectively? How can we make a difference and bring added value in the current global ecosystem?

Based on the solid work conducted on the future size and membership of the Conference the past year, we have decided, with my co-Chair of the Working group, Daniel Therrien, to rely on existing networks to gather as much as we can our views and feed our reflections with this substance. The more open the process will be, the more fruitful and legitimate the output will be.

In November, I joined Daniel for the 48^th APPA Forum in Vancouver where we kicked off this first discussion. Participants expressed views on a wide range of issues such as the Conference’s influence and policy leadership, its global outreach and cohesion, but also its governance, structure and cooperation methods. For sure, the ideas put forwards in Vancouver will be a valuable input in defining new objectives and the necessary means to achieve them. On top of it, we had the chance to discover the extraordinary Vancouver scenery and had a great time with our colleagues.

This month, the French-speaking data protection authorities network (AFAPDP) held a meeting in Paris on the occasion of its 10^th anniversary and also dedicated a session to the future of the International Conference. Again, with Daniel, we organised the discussion and, after a lively debate, many concrete proposals were put on the table. As in Vancouver, the exercise was not to agree on a position but to hear all views and gather all inputs in order to trigger the reflexion process. Then the authorities viewed the exhibition “Terra Data” within the Paris Sciences and Industry Museum. A great attempt to give concrete life to our subjects, which are sometimes a bit theoretical for the general public. If anyone is interested, this exhibition can tour!

The next rendez-vous for the consultation process will be in February in Brussels where EU authorities, members of the Article 29 Working party will get involved; other networks will follow in the upcoming months, so let the discussion continue!

Discussions reports of the APPA and AFAPDP meetings will be sent to you shortly and to the members of the working group on the future of the Conference.

On the European side, please let me just give you a quick update on our progress made regarding the GDPR implementation. We are finalising our guidelines and we expect to adopt most of them by the end of February in order to give as much as possible a clear interpretation of this new EU legal framework. All these documents are available online, so please feel free to have a look, and let us know what you think of them. Also, I am happy to share with you that a GDPR event will be organized in Brussels in October 2018, at the next international conference. Having all of us gathered at the same time in Europe the year the Regulation enters in application, just seems the perfect opportunity to have a “GDPR Talk”. Additional details will be communicated in due time but, for now, please pin down this event in your calendar!

This is all I can tell you now, before the year ends. I will end my note by wishing you, in all languages, a very, very Happy New Year 2018. I hope to see you join the conversation on the future of our Conference and I very much look forward to continuing the discussion with you,.

Yours truly,

Isabelle Falque-Pierrotin

Chair of the International Conference executive committee