Category Archives: Other

The Global Privacy and Data Protection Awards 2019 were celebrated last night at the 41st International Conference of Data Protection and Privacy Commissioners (ICDPPC) in Tirana, Albania.

Now in their third year, the Awards celebrate the achievements of the entire ICDPPC community and shine a light on good practice.

Elizabeth Denham CBE, Chair of ICDPPC and UK Information Commissioner, said: “The awards celebrate the creative ideas, the practical innovations and the brilliant people we are privileged to call part of our community. I hope the winners not only take home their award but also the pride that goes with that – to have been recognised by your peers.”

This year’s winners are:

Education and Public Awareness Award

Winner: Data Protection Authority of the Canton of Zurich, Switzerland

Project: Educational Resources for Children aged 4-9 years old

Bruno Baeriswyl, Privacy Commissioner, Data Protection Authority of the Canton of Zurich, said: “To receive an award by the ICDPPC is a great honor and encouragement for our Authority to continue our work in the area of education.”

Dispute Resolution and Enforcement Award

Winner: Office of the Privacy Commissioner, New Zealand (OPC)

Project: Inquiry into the Ministry of Social Development

John Edwards, New Zealand Privacy Commissioner, said: “My office is honoured to receive this award from the ICDPPC. OPC is particularly humbled given the calibre of entries from other data protection authorities. We are proud to have successfully advocated for the privacy rights of vulnerable members of New Zealand society. Our inquiry and resulting report illustrates that personal information is about people. Misusing that information can cause measurable harm – especially to individuals who have to depend on the welfare system to support themselves and their families. These people are entitled to fairness in the system. I do want to acknowledge the cooperation of the Ministry of Social Development and its commitment to fixing the wrongs identified in our report.”

Innovation Award

Winner: European Data Protection Supervisor (EDPS)

Project: Website Evidence Collector Tool

Thomas Zerdick, Head of IT Policy Unit at the European Data Protection Supervisor, said: “Global Privacy and Data Protection Award in ‘innovation’ emphasises that the data protection authority can approach its enforcement tasks in a modern and technically sophisticated way to address new and evolving challenges to data protection and privacy. We are also proud to share the software with other DPAs, civic society and individual ‘privacy geeks’ making it a freely accessible open source.”

Accountability Award and People’s Choice Award

Winner: Agencia Española de Protección de Datos (Spanish DPA)

Project: FACILITA_RGPD Tool

Ms Mar España Martí, Director of the Agencia Española de Protección de Datos (AEPD), said: “These awards are a great satisfaction for the Spanish Data Protection Agency, as they represent a recognition of the hard work of all its staff and also of its commitment to support organizations, in particular small businesses, to provide a high level of protection of the personal data they handle.”

Albanian Information and Data Protection Commissioner’s Award

Awarded to Giovani Buttarelli to recognise his outstanding contribution to the protection of personal data and privacy. Besnik Dervishi, the IDP Commissioner, handed the award to Wojciech Wiewiorowski, Acting European Data Protection Supervisor, who highlighted Giovanni’s legacy in the data protection and privacy community.

For more information on the awards and submitted projects, visit the ICDPPC website.

A message from Besnik Dervishi, Commissioner, Albanian Information and Data Protection Commissioner’s Office, Host Authority, ICDPPC 2019.

Dear colleagues,

It is an honor for me to welcome you all in Albania, the last secret of Europe, for the 41st International Conference of Data Protection and Privacy Commissioners (ICDPPC).

Only few decades ago, Albania was not just exotic: it was off-limits. In this context it is a great pleasure for me to bring the debate on data protection, one of the hottest topics at the moment, to Tirana.

For this, special thanks go to the Executive Committee of the ICDPPC for trusting us to host such a special event.

Given the rapid development that technology is having and the role it is playing in our lives, it seems that all roads will lead to Data Protection Authorities in the near future.

This prediction charges us with responsibility to build resilient legislative frameworks to protect personal data and privacy and have close cooperation among authorities. It vests international forums such as the ICDPPC outstanding importance.

We look forward to welcoming you in Tirana on 21-24 October to unwrap together all of the activities of the Conference that we have arranged for you.

To receive the latest updates from the Conference, make sure to download the Conference’s app and to follow our Twitter account at @ICDPPC2019 or the hashtag #ICDPPC2019.

We are getting ready for the 41st International Conference of Data Protection and Privacy Commissioners, hosted this year by IDP, the ICDPPC’s member authority in Albania.

This year’s Conference will take place in Tirana, Albania on 21 – 24 October 2019.

Registrations will open soon! More details to follow.

We are calling for proposals to host the ICDPPC Conference in 2021.

Deadline for submission is 22 April 2019.

See here for more details.

“At the meeting of the Executive Committee of the International Conference of Data Protection and Privacy Commissioners, held in London today, we discussed the shocking events in Christchurch. We share the privacy and dignity concerns highlighted by our colleague, New Zealand Privacy Commissioner John Edwards, arising from the live-streaming and distribution of the video of the attack. Online platforms have a responsibility to ensure their systems are effective in protecting privacy, something Commissioners have highlighted before.

“The Executive Committee also expressed its deepest sympathies to the people of New Zealand.”

*** Version Française ci-dessous***

 On 23^rd October 2018, the International Conference of Data Protection and Privacy Commissioners (ICDPPC) adopted its Declaration on Ethics and Data Protection in Artificial Intelligence. The text is now open for public consultation and all interested stakeholders are invited to contribute.

The Declaration endorses six guiding principles, as core values to preserve human rights in the development of artificial intelligence. These principles build upon data protection elements, but also expand to ethical considerations which are inextricably linked to the development of artificial intelligence.

The Declaration also calls for common governance principles on artificial intelligence to be established at international level. Such common governance must be able to tackle the challenges raised by the rapid evolutions of artificial intelligence technologies, on the basis of a multi-stakeholder approach in order to address all cross-sectoral issues at stake. In that spirit, the ICDPPC seeks views and feedback from all interested stakeholders on the adopted text.

Contributions received will notably feed into the work of the newly established ICDPPC Working Group on Ethics and Data Protection in Artificial Intelligence.

When submitting your contribution, please, indicate the response to the question below:

Which stakeholder group do you belong to? (select)

• Observer of the ICDPPC
• NGO
• Business /industry
• Academic /think tank
• Public authority
• Government
• Other (please specify)

Written contributions can be sent by 15^th February 2019 directly via email to the following address: ExCoSecretariat@icdppc.org (Subject: ICDPPC Public Consultation)

We kindly ask that contributions not exceed 5 pages. They can be submitted in English, Spanish or French.

Consultation publique – Ethique et protection des données dans l’intelligence artificielle: Consultation prolongée jusqu’au 15 février 2019

Le 23 octobre 2018, la Conférence internationale des commissaires à la vie privée  et à la protection des données (ICDPPC) a adopté sa déclaration sur l’éthique et la protection des données dans l’intelligence artificielle. Le texte est maintenant ouvert à consultation publique et toutes les parties prenantes sont invitées à contribuer.

La Déclaration édicte six principes directeurs, qui constituent des valeurs fondamentales pour la préservation des droits de l’homme dans le développement de l’intelligence artificielle. Ces principes s’appuient sur des éléments de protection des données, mais s’appliquent également à des considérations éthiques qui sont inextricablement liées au développement de l’intelligence artificielle.

La déclaration appelle également à des principes de gouvernance communs sur l’intelligence artificielle au niveau international. Cette gouvernance commune doit pouvoir relever les défis de l’évolution des technologies de l’intelligence artificielle, sur la base d’une approche multipartite de toutes les questions intersectorielles en jeu. Dans cet esprit, l’ICDPPC sollicite l’avis de toutes les parties prenantes intéressées sur le texte adopté.

Les contributions reçues contribueront notamment aux travaux du nouveau groupe de travail de l’ICDPPC sur l’éthique et la protection des données en intelligence artificielle.

Lors de la soumission de votre contribution, veuillez indiquer la réponse à la question ci-dessous:

À quel groupe de parties prenantes appartenez-vous? (sélectionner)

• Observateur de l’ICDPPC
• ONG
• Commerce / industrie
• Académique / groupe de réflexion
• Autorité publique
• Gouvernement
• Autre (veuillez préciser)

Les contributions écrites peuvent être envoyées avant le 15 février 2019 directement par courrier électronique à l’adresse suivante: ExCoSecretariat@icdppc.org (Objet: ICDPPC Public Consultation)

Nous vous demandons de bien vouloir ne pas dépasser 5 pages. Les contributions peuvent être soumises en anglais, espagnol ou français.

As the 40^th ICDPPC Annual Meeting is coming to an end, the Closed Session, which gathered this year 236 delegates from 76 countries, has released the outcome of its two-day discussions, paving the way for the future of data protection and privacy at global. On this occasion, the International Conference of Data Protection and Privacy Commissioners (ICDPPC) has welcome 4 new member authorities and 11 new observer organisations.

A roadmap on the future of the Conference, setting the basis for a more permanent and vocal international organisation advancing privacy and data protection.

The ICDPPC has decided to set a new horizon, beyond the mere organization of an annual conference. The member authorities have adopted a roadmap for the future of the International Conference, with the aim of gradually transforming it into a permanent, more visible, more operational organization for its members. Plans for the establishment of a stable and funded secretariat are to be presented at the next Closed session meeting in 2019.

As part of the roadmap on its future, the International Conference notably considered the setting up of a consultation platform or “contact group”, involving all relevant external stakeholders, in particular civil society organizations, in order to facilitate dialogue and exchanges on the ICDPPC activities and preparation of annual meetings.

Addressing the ICDPPC Open Session this morning, Isabelle Falque-Pierrotin, Chair of the ICDPPC Executive Committee declared: “What is set in motion is the movement towards the establishment of a true international organization for data protection and privacy, which can bring our vision into the major global debates that are taking place. This is a major achievement for our organization, which has been prepared for many months through a consultation of almost all of our members. It is also a signal for the world around us: data protection is a central and operational issue in the global digital world being built and the authorities will play their role, that of an ethical and democratic stabilizer of our society.”

Declaration on ethics and data protection in artificial intelligence

The Closed session also adopted a landmark text, the ICDPPC Declaration a Declaration on ethics and data protection in artificial intelligence, in order to contribute to the global discussion on this matter. The declaration endorses six guiding principles, as core values to preserve human rights in the development of artificial intelligence. These principles first of all build upon data protection elements, but also expand to ethical considerations which are inextricably linked to the development of artificial intelligence.

The Declaration also calls for common governance principles on artificial intelligence to be established at international level. Such common governance must be able to tackle the challenges raised by the rapid evolutions of artificial intelligence technologies, on the basis of a multi-stakeholder approach in order to address all cross-sectoral issues at stake. In this regard, the text adopted will shortly be open for public consultation.

Other adopted resolutions

Following a report back from the ICDPPC thematic Working Groups, the Closed session adopted three other resolutions on e-learning platforms, on the Conference Census and on collaboration between Data Protection Authorities and Consumer Protection Authorities.

Second edition of the ICDPPC Global Privacy and Data Protection Awards

ICDPPC Members had submitted 56 projects competing for the ICDPPC Global Privacy and Data Protection Awards 2018, available here. Winners have been announced at the beginning of the week with the “Public Awareness and Education” Award going to Albania (IDP) for its postal stamps, the “Innovation” and “Accountability” Awards going to France (CNIL) for its PIA software, and finally the “Dispute Resolution and Enforcement” Award to the United Kingdom (ICO) for the ICO’s investigation into use of data analytics and micro targeting for political purposes.

Leadership transition

Two new members of the ICDPPC Executive Committee have been elected: the Philippines’ National Privacy Commission (NPC) and the Office of the Australian Information Commissioner (OAIC). With the mandate of Isabelle Falque-Pierrotin coming to an end, the ICDPPC has elected Elizabeth Denham, the UK Information Commissioner (ICO) as new Chair of the Executive Committee.

See you next time!

The Closed session ended up with a presentation of the next annual meeting which will take place in 2019 in Tirana, Albania, hosted by the Office of Information and Data Protection Commissioner (IDP). The ICDPPC Closed session also formally announced that the Mexican National Institute for Transparency, Access to Information and Personal Data Protection (INAI) will be the hosting authority for the 2020 Annual Meeting, to be held in Mexico.

As vehicles become increasingly connected to the Internet and to other vehicles, more and more personal data will be collected and processed by the vehicles. Relevant types of data collected by the vehicle’s sensors may concern driver behaviour or information about other people inside or outside the vehicle. This data may be processed by the vehicle’s IT systems, or when other personal devices connect to it. The advent of autonomous vehicles will raise additional privacy issues, as their functioning will require the collection and use of significant amounts of data.

The ‘Berlin Group’ Working Paper on Connected Vehicles analyses the different types of data that can be collected, generated, transmitted, processed or retained by connected vehicles and identifies the privacy risks involved in these processes. The paper provides recommendations for manufacturers, third party service providers, standardization bodies, public authorities and rule makers as well as for drivers of connected vehicles on how to effectively avert these risks. This initiative also follows up on the ICDPPC Resolution on Data Protection in Automated and Connected Vehicles adopted last year.

The Working Paper is available for download

For its second edition, the ICDPPC Global Privacy and Data Protection Awards have gathered a total of 64 projects submitted by ICDPPC members, now publically available online. A look through the many diverse and inspiring entries presented in the four different categories (Education and public awareness, Innovation, Accountability, Dispute resolution and enforcement) shows the vitality and commitment of privacy and data protection authorities throughout the world in fulfilling their tasks and delivering on their missions.

An online vote will be organised in September 2018 so that each ICDPPC member can cast its vote and designate the award winner in each category. In addition, all entries submitted will compete in the ‘People’s Choice’ category, for which all member authorities’ staff will be invited to vote.

The winning entries to be announced at the 40th Annual Meeting in Brussels, on Monday 22nd October 2018. May the best one win!