A question of ethics: Experts unpack data security at Data Protection World Forum

The focus of the data protection world fell upon London’s Excel arena this week as the biggest names in data security addressed an international audience of business owners, executives, and IT leaders.

Featuring government figures, entrepreneurs, cyber-leaders, legal high-flyers, journalists, even regulators and hackers themselves, the depth and diversity of the roster made for a fascinating and educative programme.

Over no fewer than eight specialised content theatres, attendees were given a thorough appraisal on the data security landscape in a post-GDPR world, as well as guidance on how to adapt to legislative demands as privacy laws evolve.

Equally comprehensive was the range of industries, domains and sectors addressed at the conference, from finance, politics and national security, to technology innovation, robotics and the dark web.

Advice and guidance

One Trust VP, Kevin Kiley got the ball rolling on day 1 at the Keynote Conference Theatre by distilling the GDPR world so far. Central to Kevin’s message was the reminder that compliance is a rolling affair, something that organisations need to dedicate resources to on a permanent basis.

Only then can data privacy culture become a living, breathing entity that protects the organisation and the data subject, while providing a powerful differentiator allowing firms to champion themselves as ethical, responsible data handlers.

ICO Deputy Commissioner, Steve Wood developed the theme of responsibility on the Keynote Theatre’s second day, with his breakdown of the UK regulator’s study of data analysis in politics.

The investigation, “Democracy Disrupted?” hammered home the very real danger the global community faces should data misuse revealed by the Facebook / Cambridge Analytica scandal erode citizens’ trust in the democratic process.

Last month Facebook was hit with a £500,000 fee – the maximum allowed under the Data Protection Act 1998 for its role in the data breach, a penalty the social media platform has decided to appeal against.

Steve Wood used the breach to establish transparency, control and accountability as the three pillars of the GDPR, a message that was put up in lights by former BBC journalist Jamie Bartlett, the following day.

Bartlett painted Facebook / Cambridge Analytica as a slipping of an institutional mask behind which lurks the face of a far greater shock and scandal.

“They made a tool that tricked people into voting for Trump using targeted Facebook ads. If only it were that simple. The reality is more worrying – what Cambridge Analytica did is industry standard.”

If the deeds of those in power are eroding faith in the system, it comes as something of a paradox that hope for data privacy technology finds nourishment in the criminal domain, where hackers are absolutely committed to remaining untraceable, the author of The Dark Net, told an intrigued audience.

Data as the new currency of crime

The fight against cyber-crime was elaborated upon by Sir Rob Wainwright, Senior Cyber Partner at Deloitte.

Wainwright, who was the director of Europol from 2009 to 2016, told the story of hackers had exploited 3rd party invoice chains and malware to access ATMs across Europe.

Waiting with sacks at targeted cash points that would spew out notes at the behest of button pressed many hundreds of miles away, the criminals stole a total of $1.2billion.

The crude gathering of the loot belied the ruthlessly sophisticated nature of a smooth, converged criminal operation, and it’s this efficiency that police forces relying on siloed or separate data streams simply cannot match.

After lunch, delegates heard Rohit Talwar’s talk on the opportunities of AI, the seven stages of AI, and blockchain technologies.

Three core types of application for AI – augmentation, replacement, scale – described how the technology is augmenting humans’ work, replacing human workers and achieving exciting outcomes at super-massive proportions.

The “smarttress” (smart mattress) is a sophisticated AI device in a new generation of IoT appliances that can help you sleep. But what are the privacy implications when it can let you know via an app on your phone if your partner is cheating on you?

Pernille Tranberg, founder of Data Ethics, picked up the surveillance thread by suggesting that “smart” devices might be better named “creepy”, before identifying some of the firms that are leading the way with the ethical approach.

French insurance company, MAIF, for example, believe that individual data subjects are the only “legitimate persons to leverage their own data”. AULA, a social media platform for kids, teachers and parents does not have third-party cookies, no profiling, and has no “like” facility, cutting deep into a mechanism that has been identified as a source for much angst among social media devotees.

Expert debate

Panel discussions at Data Protection World Forum gave our speakers a chance to delve deeper into some of key issues of data privacy, while delegates contributed with views of their own from the floor.

At the Governance, Risk and Compliance (GRC) Seminar, the audience were guided on RegTech by Nirvana Farhadi, Global Head in Financial Services RegTech at Hitachi.

Alongside Rupert Spiegelberg, CEO at IDnow, and Tom Harwood, Chief Product Officer and co-founder at Aeriandi Ltd, Nirvana led debate on change through RegTech, and whether self-governance is needed as the RegTech ecosystem evolves.

Live discussion network

Perhaps most exciting at Data Protection World Forum were the connections being made on the exhibition floor, as delegates met with our many sponsors and exhibiting businesses to share ideas, experiences and opportunities in the data protection landscape.

We were delighted to read many of the positive stories play out over social media over the two days at the Excel arena.

“Great connections at Data Protection World Forum,” Privacy Solved @privacysolved

“A great couple of days with some great people!” Richard Merrygold, Director of Group Data Protection / Group Data Protection Officer @richmerrygold

“Good day spent with the DPS team @DataProtectWF. Insightful keynotes and great speaking to so many people expressing such an interest into the work we’re doing,” Chris Hayward, Senior Advisor and Talent Acquisition at Dell EMC @chaywardDellEMC

“WOW! What an INCREDIBLE two days at @DataProtectWF! Our booth was buzzing, we had great conversations about #dataprotection, from the #GDPR to #encryption, and the speakers were AMAZING (including our very own Lorena Magee)!” Echoworx @echoworx

“Had great fun giving my talk on assessing privacy impacts to data subjects today at #DPWF – working for @ProtectureDPO gives me so many great opportunities to observe and advise on data protection in practice, best job ever!” @MissIG_Geek

With 2019 set to be even bigger for data protection, the industry landscape may be very different in a year’s time.

We hope you can join us at Data Protection World Forum 2019, where we’ll be leaving no stone unturned.

PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.