We are delighted to announce that Professor Woodrow Hartzog will address audiences at PrivSec conference, taking place November 5th and 6th at Columbia University, New York City.
Hartzog is Professor of Law and Computing Science at Northeastern University School of Law and the Khoury College of Computer Sciences.
He is also a non-resident Fellow at The Cordell Institute for Policy in Medicine & Law at Washington University, a Faculty Associate at the Berkman Klein Center for Internet & Society at Harvard University, and an Affiliate Scholar at the Center for Internet and Society at Stanford Law School.
Hartzog’s research on privacy, media, and robotics has been published in scholarly publications such as the Yale Law Journal, Columbia Law Review, and California Law Review and popular publications such as The New York Times, The Washington Post, and The Guardian. He has been quoted or referenced in numerous articles and broadcasts, including NPR, BBC, and The Wall Street Journal.
He is the author of Privacy’s Blueprint: The Battle to Control the Design of New Technologies, published in 2018 by Harvard University Press.
Prior to his talk at PrivSec NYC, we spoke with Professor Hartzog to hear more about his views on the evolving relationship between data privacy and security.
- Q) To what extent are privacy and security intrinsically linked?
In one sense, privacy and security involve different practices, skillets, and knowledge. Cybersecurity can be highly technical and privacy rules can be highly focused on administration and organizations.
In a different sense, however, privacy and security are intimately related because they both involve human information. Rules that limit the collection of data for privacy’s sake can also decrease the risk of a security breach. (Data that doesn’t exist cannot be exposed).
Additionally, privacy and data protection rules often include data security as a key component, so those who deal with privacy and security have a great incentive to work together and share competencies.
Q) What are the priority areas for data professionals and security chiefs to address as they bid to develop cyber security and privacy within an organisation?
The five basic components of sound data security programs outlined by the FTC are one of the best places to start:
1) Identification of assets and risk
2) Data minimization
3) Administrative, technical and physical safeguards
4) Data breach response plans.
Additionally, vendor management, incorporation of artificial intelligence into safeguards and as well as threat modelling, and vulnerability patching seem to be key to sound programs.
Q) What impact are data privacy laws having on technology advancements, for example in the field of AI and smart infrastructures?
Generally, we aren’t seeing privacy laws that target or aim to stimulate specific technological advancements, but the rules that require reasonable data security are often drafted broadly enough to allow and encourage companies to embrace the state of the art (or at least industry standard) technologies to help secure people’s data.
Q) Are consumers waking up to the value of personal data and the importance of keeping it secure?
Yes, I think consumers are finally beginning to realize the importance of securing personal data. Cambridge Analytica and Equifax were big wake up calls to society, industry, and lawmakers. The recent record-breaking FTC settlements in these cases also speaks to the growing seriousness of data security.
Q) What are your predictions within your industry regarding data privacy developments for 2020?
I think Congress will pass a privacy law, but it will not be an omnibus data protection regime. Rather, the FTC is likely to be granted rulemaking authority for limited areas like data security. States will continue to explore modifying their own privacy rules in ways similar to California. Europe will be clarifying and enforcing the GDPR.
Hear Professor Woodrow Hartzog live at PrivSec New York
Hear Professor Hartzog give his talk, “The power of design and the limits of control”, live and exclusively at PrivSec New York.
Professor Hartzog joins a high-profile list of guest speakers and representatives from global names, including Uber, the New York Times, BNY Melon, Bank of England, Raytheon and many more.
As the march towards stronger US data privacy laws continues, PrivSec NYC comes at a critical time in the debate between law makers and enterprise. With the CCPA deadline looming closer, the need for ideas, debate and innovation in data privacy has never been greater.
To find out more about PrivSec New York, click here.
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.
Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/