#privacy: Alison Pepper to speak at PrivSec New York

Alison Pepper

Alison Pepper will address audiences at PrivSec conference, taking place November 5th and 6th at Columbia University, New York City.

Alison Pepper currently serves as the Senior Vice President of Government Relations at the American Association of Advertising Agencies (4As) in Washington, D.C. In that role she works with regulators, legislators, and cross-industry stakeholders on issues of importance to the advertising community.

She focuses on public policy issues that exist at the intersection of privacy, technology, media and data. In her thirteen years working in DC and San Francisco, she’s worked on these issues from multiple angles representing thousands of companies.

Prior to her current role, she served as the Assistant General Counsel and Senior Director of Public Policy at the Interactive Advertising Bureau (IAB) based out of their Washington, D.C. and San Francisco offices.

Alison is a native of Georgia, USA. She holds a B.A. from the University of Georgia and a J.D. from Georgia State University.

Prior to her appearance at PrivSec New York, we spoke with Alison to hear more about her views on the role of innovation within data privacy and security, and how consumers are playing a more active role in defending their privacy rights.

Q) What impact are data privacy laws having on technology advancements, for example in the field of AI and smart infrastructures?

One of the concerns that many technologists have around new data privacy laws is that they could restrict the ability to collect and store large data sets, one of the building blocks of a lot of AI applications. Machine learning, arguably a subset of AI, is going to likely rely on historical data sets.

If consumers (in both the EU and the US) decide to aggressively enforce many of the new consumer access rights being granted under various data privacy statues, then the ability of large data sets to be compiled for machine learning might fail to materialize. As legislators and regulators continue to look at data privacy, striking the right balance between protecting consumers and advancing AI’s problem-solving promise will continue to be a struggle.

Q) Are consumers waking up to the value of personal data and the importance of keeping it secure?

Consumers are aware that there is value to personal data in a way they’ve likely never been before, even if they don’t always have a fully accurate picture of the value of the data.

I recently spoke with a start-up company that’s pioneering “micro-zero-party” transactions, i.e. allowing consumers to sell their personal data directly to advertisers. In early trials of letting consumers set their own prices, many decided that the value of their data in a certain context was $10 a month.

The actual open market value of that data was closer to 8 cents a month. So, a bit of a discrepancy in perceived value vs. actual value.

Q) To what extent are privacy and security intrinsically linked?

Security and privacy are in some ways two sides of the same coin. You really can’t have one without the other, but you also can’t approach them the same way from a policy perspective.

Privacy has in some ways proven to be a more elusive subject, as its definition and parameters have proven hard to define, and can even shift based on cultural norms. Security on the other hand, tends to benefit from a more unified understanding of goals and objectives – and with a set of globally-recognized standards that form the baseline for a lot of network security.

Q) What are the focus points for data and security chiefs to look at as they bid to develop cyber security and privacy within an organisation?

For many U.S. companies, GDPR did not apply to them, so they did not go through the data-mapping processes that companies subject to the GDPR went through.

But California’s privacy law (CCPA) will likely apply to them, as California is the U.S.’s largest market. With that in mind, U.S. companies should now be focusing on internally data-mapping, if they did not do it for GDPR.

They should make sure they understand where their data is coming from, where it is going, where it is being stored, how long it is being stored, and who has access to it. They should understand what their service providers are doing with data. Once companies have a thorough understanding of their data flows, they will be better-positioned to comply not just with California’s privacy law, but with the increasing security and privacy statues being introduced around the country.

Q) What are your predictions within your industry regarding data privacy developments for 2020?

Data privacy will continue to be a hot topic into 2020 and beyond, mainly because new technological developments will continue to push the boundaries. New permutations of the data privacy issue will continue to percolate, particularly concerning algorithmic fairness issues.

Hear Alison Pepper live at PrivSec New York

Joining a panel debate at PrivSec New York, Alison will be speaking on privacy as a differentiator and discussing what the term means and whom benefits from it.

Alison Pepper joins a high-profile list of guest speakers and representatives from global names, including Uber, the New York Times, BNY Melon, Bank of England, Raytheon and many more.

As the march towards stronger US data privacy laws continues, PrivSec NYC comes at a critical time in the debate between law makers and enterprise. With the CCPA deadline looming closer, the need for ideas, debate and innovation in data privacy has never been greater.

To find out more about PrivSec New York, click here.


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/