The Debate on Data Collection and Ethics: ICDPPC Brussels 2018
Data Privacy Frontline Report from the 40th International Conference of Data Protection and Privacy Commissioners (ICDPPC) Brussels, Belgium
The 40th International Conference of Data Protection and Privacy Commissioners (ICDPPC) was held in Brussels, Belgium, 22-25 October 2018. With headline speakers like Apple CEO Tim Cook, the event brought together accredited data protection and privacy authorities, industries, and civil society organizations, working to advocate for the highest data protection standards.
Privacy Analytics’ Chief Methodologist Luk Arbuckle chaired a panel to discuss how health research can be conducted in the context of GDPR: what are the challenges, and what are the remedies?
Panelists discussed how organizations determine the lawful basis for their health research activities, and how they applied pseudonymization and anonymization as privacy protective measures accordingly. Mr. Arbuckle provides his perspective on the conference:
WHAT WAS ‘THE BIG IDEA’?
“When Joe Cannataci, the United Nations Special Rapporteur on the Right to Privacy, spoke about how mobile has completely revolutionized the lives of people in emerging economies, it hit me because those devices have such global reach and impact: we’re talking about 60% of the world’s population. Our conversations around data privacy are usually localized to our own experiences and concerns, but there’s a whole other world out there! I had a similar reaction when Pansy Tlakula, the Chairperson of the Information Regulator of South Africa, pointed out how a vulnerable and impoverished population was exploited in her country, when personal data was processed by an agent working on behalf of the government, and how they were manipulated into signing up for services without necessarily being aware of the consequences.
“So one of the focal points was how people are being manipulated, regardless of economic background or country of origin. Where the letter of the law may be consent or ‘opt-in’, the spirit or intent of the law may be much broader; that there is greater need for an ethical interpretation. And the ethical view of data privacy compels us to advise people not only how their data is being used, but to protect them from misuse when it’s contrary to their best interests.”
WHO WAS THE AUDIENCE?
“The audience was international and diverse, with chief privacy officers, data protection officers, privacy/data protection lawyers, relevant policy makers and technologists (including privacy engineers).”
WHAT VALUE DID PRIVACY ANALYTICS BRING TO THE CONFERENCE?
(Illustration from THE CARTOON INTRODUCTION TO DIGITAL ETHICS, courtesy The European Data Protection Supervisor/EDPS and ICDPPC)
Luk Arbuckle is the co-author with Privacy Analytics’ CEO Dr. Khaled El Emam of “Anonymizing Health Data: Case Studies and Methods to Get You Started” (O’Reilly Media, updated 2014)
Mr. Arbuckle was formerly Director of Technology Analysis at the Office of the Privacy Commissioner of Canada; Research Manager and Data Scientist at the Children’s hospital of Eastern Ontario (CHEO) Research Institute; and Director of Analytics at Privacy Analytics. He holds multiple graduate degrees and was awarded numerous scholarships and bursaries, including a Canada Graduate Scholarship doctoral award. He is a featured speaker at data privacy conferences worldwide, including MIT CDOIQ 2018.
- Turn Data Assets into Business Opportunity Under CCPADecember 19, 2019
- How does risk-based anonymization work?December 18, 2019
- Why should I use Expert Determination over Safe Harbor?December 18, 2019
- What do I need to know about GDPR, HIPAA and CCPA to meet our regulatory and privacy obligations?December 18, 2019
- Should we invest in building our own de-identification capability?December 17, 2019
- GDPR and The Future of Clinical Trials Data SharingMarch 18, 2019
- Advancing Principled Data Practices in Support of Emerging TechnologiesMarch 15, 2019
- “Zero Risk Does Not Exist”February 7, 2019
- Is Anonymization Possible with Current Technologies?January 9, 2019
- Comparing the benefits of pseudonymisation and anonymisation under the GDPRDecember 20, 2018