On Monday 13th April, we saw the ICO’s 12th annual Data Protection Practitioners’ Conference. This took place at the Manchester Central Conference Centre.
The day had a variety of events, including a talk from President and Executive Director of Electronic Privacy Information Centre, Marc Rotenberg. We also enjoyed panel sessions covering important topics, including what Brexit means for Data Protection.
All of the speakers were raising interesting discussion points throughout the day. I would like to take the time to discuss the two that I found myself most fascinated by.
First, the ICO’s focus on the accountability principle of the GDPR. Second, the developing area on Ethical Data Protection and AI profiling.
One: “Accountability encapsulates everything the GDPR is about.”
The Commissioner made the message on prioritising accountability clear in her opening speech for the DPPC. Simple demonstration of compliance is not enough. The emphasis is instead on the ability to demonstrate you are compliant.
This strong message from Elizabeth Denham will likely be a welcome one to Data Protection Professionals across the country. They may be battling to convince organisations that the GDPR is not a one-time tick box, but a factor to consider continually.
The Commissioner’s reinforcement of this point should help cement Data Protection’s integration into business culture. The progress we have made in the year since GDPR came into force is a promising start. We must continue the trend in the right direction.
Two: Technology, ethics and compliance – leave no room for loopholes.
I would like to congratulate Mikko Nava for winning the second ICO Data Practitioner of the Year award. I thought his acceptance speech was genuine and gracious. His thoughts on the industry being “the intersection between technology, ethics and compliance,” are thought provoking in its own right.
Data privacy incorporates so many areas which are in the process of change and growth. The only way to ensure the protection of data subjects is by reaching an balance between technology, ethics, and the legislation which is already in place.
To reach this balance, forward-thinking ethical and legal discussion is required. We also need to improve the understanding of these technologies, such as the growing use of Artificial Intelligence (AI).
It was a welcome sight to see the ICO taking steps towards striking this balance. Their AI auditing framework blog is a useful starting point. I will be putting out a few thoughts on this topic myself, over the coming months.