The Privacy Insider by WireWheel

A risk-based approach was an innovation promised by policymakers. Risk-based meant the likelihood and magnitude of adverse outcomes on people related to the processing of their data. Yet privacy regulators and courts ​often discount ​risk analysis ​that is not directly tied to individual autonomy, transparency, or the ability to exercise data subject rights, negatively impacting innovative data uses.Join us for this session​ where we will show examples of how companies can leverage a risk-based approach to manage their privacy program.

As generative AI tools, like ChatGPT, continue to gain popularity, concerns about privacy and data protection have also arisen. Our panel features three distinguished experts in the field of privacy and generative AI who will explore the legal, technical, and ethical challenges related to the use of AI systems.Throughout the discussion, our panelists will share their experiences and insights into the complex landscape of privacy, data protection, and generative AI. We will explore the legal and regulatory requirements that must be considered, as well as the technical and ethical considerations of implementing AI systems.Our panelists will also discuss the efforts being made by regulators around the world to address the challenges related to the use of AI systems. We will discuss the EU's AI Act, the US National Institute of Standards and Technology's AI Risk Management Framework, and the California Privacy Protection Agency's upcoming rulemaking on automated decision-making under state law.

The Federal Trade Commission (FTC) has recently taken enforcement action against both GoodRx and BetterHelp for their handling of sensitive health information.GoodRx has been accused of failing to report unauthorized disclosure of consumer health data, while BetterHelp has been accused of deceptive marketing practices and violating data tracking and health privacy regulations. Both companies have been fined, BetterHelp $2.2. million and GoodRx $1.5 million. They are required to implement stronger privacy and data security measures.These cases emphasize the importance of safeguarding sensitive health information and complying with data privacy regulations to protect consumers.

Clean rooms have emerged as a promising solution for brands looking to connect with trusted data partners while managing sensitive customer data in a privacy-first era. With the looming post-cookie future, clean rooms offer a collaborative technology for organizations to run advanced analytics across their key customer touchpoints and channels.However, concerns remain about the inconsistent approach among providers, unclear privacy protections, and insufficient personally identifiable information. The industry needs to develop further regulatory and ethical standards for clean room operation to align with existing norms and industry standards.Despite the challenges, data-savvy organizations are investing in clean rooms, and this session will provide insights into best practices for ensuring data security, compliance, and control while enabling risk-free data sharing.

The GDPR was implemented nearly five years ago, and has established Europe as a global leader in tech regulation. Now new regulations such as the DSA, DMA, AI Act, and the European Strategy for Data have changed the landscape.Join us on January 10, 2023, for this webinar with Karolina Mojzesowicz, Deputy Head of Unit Data Protection, European Commission, where we will discuss the lessons learned from the implementation and enforcement of the GDPR, and explore how these new regulations will interact with it.We will also address questions such as: Are there aspects of the GDPR that may need to be revisited in light of the new tech regulation? How can we ensure consistency and compatibility between these regulations? And, what support will be provided to European businesses to help them navigate and compete in this new regulatory landscape?Don't miss this opportunity to stay up-to-date on the latest developments in tech regulation in Europe.

Stacey Schesser, the California Attorney General, will be speaking on the topic of “Enforcing & Implementing California's Landmark Privacy Laws.”In this panel discussion, Ms. Schesser will provide an insider's perspective on the enforcement of the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). She will discuss the various tools at her disposal for ensuring compliance, as well as the challenges and opportunities presented by these laws to businesses.Ms. Schesser will also offer practical advice for compliance, and an update on the latest developments in California's privacy landscape.

In August, California Attorney General Bonta announced the first-ever California Consumer Privacy Act (CCPA) enforcement action, a $1.2M settlement with Sephora. While CCPA gives consumers a wide range of rights, it creates a series of obligations for businesses.This groundbreaking Sephora case involved an overlap in marketing and privacy that many brands are now assessing: targeted advertising data collection and opt-out policies.

Bringing together experts in privacy law and policy to discuss their insights and forecasts for the future of privacy in the coming year. The panel consist of legal scholars, policymakers, and industry experts, who will share their thoughts on the key trends and developments that are likely to shape privacy in 2023. Topics of discussion include the impact of emerging technologies, the evolution of privacy regulations, and the role of privacy in the digital economy.This panel will provide a forward-looking perspective on the state of privacy, and offer insights on the challenges and opportunities that lie ahead.

The IAB's GPP (Global Privacy Policy) and MSPA (Media Rating Council's Media Supply Chain Transparency and Data Governance Program) will discuss the efforts of the Interactive Advertising Bureau (IAB) to promote privacy and transparency in the digital advertising industry.The GPP is a framework of privacy principles that aim to provide guidance on data collection, use, and disclosure in the digital advertising ecosystem.The MSPA, on the other hand, is a set of guidelines and standards for media supply chain transparency and data governance. The panel will consist of experts from the IAB and other organizations involved in developing and implementing the GPP and MSPA.

We discuss the challenges and opportunities of implementing the California Privacy Rights Act (CPRA) and other state-level privacy regulations. This panel consists of experts in privacy law and policy, and will focus on the unique challenges and considerations of implementing state-level privacy regulations. They will discuss the requirements of the CPRA and other state laws, and explore best practices for compliance.Additionally, the panel will discuss the potential challenges and opportunities of coordinating among different states to create a consistent and effective framework for privacy regulation.

WireWheel brings together leaders from advertising companies, as well as privacy experts and legal professionals to discuss the CPRA and how it differs from other privacy laws. We'll explore the impact of the CPRA on the advertising industry, including the challenges of complying with the law and the potential risks and benefits of the new regulations.The panel will also offer insights on how the advertising industry can prepare for and adapt to the changes brought about by the CPRA.

Features a conversation with Cameron Kerry, a prominent expert on privacy law and policy. The panel will focus on the current state of privacy law in the United States, and the challenges and opportunities of creating a comprehensive federal privacy law. Kerry will share his insights on the complexities of the issue, and discuss the key factors that need to be considered in order to develop an effective and sustainable privacy framework.The panel will also provide an opportunity for audience members to ask questions and engage in a dialogue with Kerry on the path to a comprehensive federal privacy law.

Discusses the challenges and opportunities of developing and implementing privacy safeguards for immersive technology such as virtual and augmented reality. This rapidly growing field has the potential to revolutionize industries and change the way we interact with the world, but it also raises complex privacy concerns.Panelists will discuss the current state of privacy regulations for immersive technology, and offer insights on best practices for protecting user data and ensuring that individuals have control over their personal information.

A risk-based approach was an innovation promised by policymakers. Risk-based meant the likelihood and magnitude of adverse outcomes on people related to the processing of their data. Yet privacy regulators and courts ​often discount ​risk analysis ​that is not directly tied to individual autonomy, transparency, or the ability to exercise data subject rights.From Schrems II on this has negatively impacted innovative data uses. Yet it is clear that data protection, while fundamental, is not absolute. Rights such as the rights to fair employment, better health, safety and conduct business need to be part of the equation. The answer is to graphically represent risk analysis to achieve demonstrable accountability.That is the glass breaking topic for this session​ where we will show examples of how this can be done.

EU-US Data Privacy Framework – Our Expert Commentators!You have just heard from the lead negotiators for the US and EU about the current state for the new EU-US Data Privacy Framework (EUDPF), and what the path is to an Adequacy Decision.Now hear from some of our leading experts on what this means, and how companies should plan for the new EU-US DPF, including:The New Executive Order directing Federal Agencies to implement measures for complying with the European Union-U.S. Data Privacy Framework.How Companies can prepare for the new requirements in the EU-US DPF.

Hear from the lead negotiators of the European Union-U.S. Data Privacy Framework on how it came together, what challenges were involved, and what they see on the horizon of cross-border transfers with the EU.

In August, California Attorney General Bonta announced the first-ever California Consumer Privacy Act (CCPA) enforcement action, a $1.2M settlement with Sephora. While CCPA gives consumers a wide range of rights, it creates a series of obligations for businesses.This groundbreaking Sephora case involved an overlap in marketing and privacy that many brands are now assessing: targeted advertising data collection and opt-out policies

This panel will discuss the regulations and guidelines that are in place to ensure that products, services, and online content are designed in a way that is appropriate for different age groups. The panel will address issues such as data privacy, advertising, and access to age-restricted content. The panel consists of experts from both the EU and US. They will share their insights on the challenges and opportunities in creating age appropriate design code, and explore best practices for ensuring that children and young people are protected online.

Did you know that use of the Facebook/Meta Pixel is now a “sale” of data under CCPA? Did you know that sharing customer data for measurement, frequency capping, and cross-contextual behavioral ads may also be a “sale” of data?Learn about:The definition of Do Not Sell and Do Not Share and what they coverThe targeted advertising technology affected by Do Not Sell and Do Not ShareWhat you need to do today to comply Any information or materials that WireWheel provides, including but not limited to presentations, documentation, forms, and assessments, are neither legal advice nor guaranteed to be accurate, complete or up-to-date.Participants are encouraged to seek the advice of licensed attorneys regarding any legal compliance or other legal matters related to the matters discussed or presented in this webinar and the related materials. The information and materials provided in this webinar are not intended as legal advice, and participants should not rely on them as such.

Join privacy experts, Rick Buck, WireWheel CPO, and Sheridan Clemens, WireWheel VP of Privacy, to understand what companies need to do to be prepared for these requests.In this webinar you will learn:Who needs to comply? What types of employees are covered?How should companies collect the requests?How should companies think about processing requests?What is different about fulfilling employee data subject access requests (DSARs) vs. consumer DSARs?What should you do today to start to get prepared?What can we learn from companies' experiences in Europe?Any information or materials that WireWheel provides, including but not limited to presentations, documentation, forms, and assessments, are neither legal advice nor guaranteed to be accurate, complete or up-to-date.Participants are encouraged to seek the advice of licensed attorneys regarding any legal compliance or other legal matters related to the matters discussed or presented in this webinar and the related materials. The information and materials provided in this webinar are not intended as legal advice, and participants should not rely on them as such.

Join us as Rick Buck, Chief Privacy Officer discusses the upcoming CPRA Regulation, how it may affect your organization, and how you can comply with it.In this webinar, you will learn:How to get ready for the CPRADifferences between opt-in/opt-outHow CPRA differs from GDPRAnd much more!

Determining the best privacy technology for your organization can be overwhelming. In this session, privacy experts provide you with the knowledge on what you should consider before making software decisions.

Enterprises trying to keep up with technological advances and a rapidly changing regulatory landscape can learn from their public sector counterparts who have been finding innovative ways to publish data while respecting the privacy of individuals.This talk will review recent uses of differential privacy in the public sector, based on actual case-studies at the US Census Bureau and the Internal Revenue Service. We will emphasize the tools and processes that enable “negotiations” between the parties most concerned with privacy and those most concerned with accuracy, or “fitness for use”, of the released data. We will explain the benefits that drove the adoption of differential privacy and how they can be translated to commercial enterprises.

Digital agencies often serve as the connective tissue between organizations and technology — which means that as data privacy regulations continue to expand and evolve, agencies need to stay on top of how to responsibly serve their clients.

Loyalty programs are the backbone of many companies, but come with a slew of traps, risks, and complexity related to data privacy. This panel will examine how to responsibly manage your loyalty program data, from communication preferences and data storage to data sharing and regulatory considerations.

Regulators from California, France, Australia, and points in between are increasingly requiring organizations to prove their comprehensive privacy programs are operationally effective and aligned with executive governance and accountability. This means corporate controls binding on even the most senior executives, investment across the organization, and real-time performance data.Scott Taylor, VP Chief Privacy Officer at Merck, and Marty Abrams, Executive Director at the IAF have been exploring for two decades how to implement mature, comprehensive accountability programs. This session will show how it is done.

Once upon a time, consent was almost as simple as “just” managing cookies. Today, organizations are mobilizing to figure out strategies for managing consent across multiple channels, brands, and devices, from phones to smart TVs to connected appliances. This discussion will focus on how companies can use consent as a way to build trust, collect more first-party data, and be confident in their regulatory compliance.

Several state laws require consumers to opt-in and opt-out of targeted marketing. Companies can look at this as a compliance burden or as an opportunity. This panel will discuss how to take these new requirements – along with the deprecation of cookies- and turn it into an opportunity.

It's one thing to have a pulse on state-by-state privacy legislation; it's another to actually comply with the patchwork of laws. This session will focus on how you can prepare for these regulations in practice: what each state requires, what it means to actually opt-in and opt-out, and how you can build a connection with your customers.

It's no secret that fragmented state-by-state data privacy regulations have put companies in a spin trying to figure out how and where to focus their compliance energies. This panel will focus on where federal data privacy regulations are gaining traction: protecting children's privacy, and what your organization should keep top of mind.

As privacy regulations proliferate, companies are looking at how privacy can become integral in the design of products and systems. Learn from privacy experts the methodologies, tools, and techniques to ensure that your company integrates privacy into its design process.

Artificial intelligence is more than a buzzwordy trend — it comes with very nuanced real-world consequences and implications. This session will be an open discussion about how to think about high-risk processing in the context of artificial intelligence, from ethical concerns to practical regulatory considerations.

Are you considering the path to Chief Privacy Officer? Hear insights from data privacy executives at Ampersand and Stott and May to help you strategize your journey to CPO.

Building consent into your advertising program is an increasingly important consideration in today's modern privacy-centric world — whether you're managing one brand, several brands, or multiple brands and channels, this session will spell out best practices, offer operationalize guidance for upcoming regulations, and discuss trends and myths percolating throughout the industry.

Several states have new privacy regulations taking effect in 2023. This discussion will focus on practical and actionable guidance to help companies prepare for and comply with new fragmented data privacy rules.

The US and the EU have reached a new framework for cross-border data transfers.This webinar, featuring Justin Antonipillai – Founder and CEO of WireWheel; Dan Solove – President and CEO of TeachPrivacy; and Josh Harris – Director, Global Privacy Initiatives of BBB National Programs, will focus on what the new agreement means, steps that companies should take today, and what to expect in the future.

New privacy laws in California, Virginia, Colorado, and across the globe give consumers and, in some jurisdictions, employees the right to access their personal data by making a Data Subject Access Request (DSAR). Finding data, especially in unstructured data sources like Microsoft 365, is challenging for privacy, HR, and IT teams.This episode features Rick Buck, Chief Privacy Officer, and Hammad Rajjoub, Product Leader, from Microsoft, to explain how WireWheel's integration with Microsoft Priva enables organizations to automate the search and discovery of structured and unstructured personal data stored in emails, SharePoint sites, and across the Microsoft Suite and fulfill DSARs.

Blockchain, crypto and the other technologies that power Web3 promise a world in which governance over data is decentralized. No central bank altering rates, no bank charging fees, no title company controlling ownership. However, the decentralization implicit in Web3 creates problems with modern privacy laws. Who is the controller in Bitcoin? How can I request that my purchase history of Dogecoin is deleted when the blockchain is designed to be immutable? Does the record of an NFT purchase constitute personal information?WireWheel CEO Justin Antonipillai joins TeachPrivacy CEO Daniel Solove and Colin Rooney, partner at Arthur Cox, to talk about whether Web3 is privacy compliant and what privacy officers need to consider Web3 for their business.

With new state privacy regulations coming in 2023, many organizations are looking to build, grow and optimize their privacy organizations. Many organizations are in reactive mode, rather than proactive mode. They are looking for ways to move to a more proactive and more sustainable model and to know what they should be doing now to prepare for 2023.Join WireWheel CPO, Rick Buck, as he leads a discussion with a consultant from Grant Thornton and an experienced CPO to learn:A framework for privacy assuranceLessons from creating and building privacy programsTips on where to get started

Technology is critical to the success of any privacy program, but privacy often falls into compliance as a cost center for chief information and technology officers. Privacy professionals must partner with technology leadership to build the business case for privacy programs. We talk with Forrester Principal Analyst Sara Watson about how to help your CIO and CTO to make privacy a strategic business priority and the keys to translating privacy needs into business objectives.

The process of “knowledge creation” has been called “thinking with data,” and the process of “knowledge application” has been called “acting with data.” Understanding the difference between knowledge creation and knowledge discovery and the purposes for which they are being undertaken is critical to understanding how they should be governed as part of an enterprise data strategy. - JoAnn Stonier, Chief Data Officer at MasterCard- Martin Abrams, Executive Director and Chief Strategist at The Information Accountability Foundation- Barbara Lawler, Chief Operating Officer & Sr. Strategist at The Information Accountability FoundationYou can follow WireWheel on social media to track the latest news in the Privacy world!Follow us on Linkedin,  Twitter, Youtube or Facebook.To learn more about WireWheel Data Privacy Management solutions, please visit www.wirewheel.io.Any questions? You can contact us at marketing@wirewheel.io!

This panel focused on the emerging principle of “explainability” in regulations that deal with AI and automated decision-making technologies. Lee Matheson (Policy Counsel, Global Privacy at the Future of Privacy Forum), Dr. Sara R. Jordan (Senior Researcher, Artificial Intelligence and Ethics at the Future of Privacy Forum), Renato Leite Monteiro (Co-Founder at Data Privacy Brasil), and Christina Montgomery (Vice President & Chief Privacy Officer at IBM Corporation) discussed how to implement “explainability” in practice, as it is a common transparency requirement under both AI self-regulatory frameworks and prescriptive proposals like the EU AI Act, and a particularly challenging task for many privacy and compliance personnel. You can follow WireWheel on social media to track the latest news in the Privacy world!Follow us on Linkedin,  Twitter, Youtube or Facebook.To learn more about WireWheel Data Privacy Management solutions, please visit www.wirewheel.io.Any questions? You can contact us at marketing@wirewheel.io!

Vaccination requirements present a novel and urgent challenge for privacy officers today. However, the current crisis might be a harbinger for a not-too-distant future in which CPOs are forced to reckon with the widespread use of employee health data, from vaccination records to biometrics, in their organization.Robert Glaser (Chief Privacy Officer and Vice President at Advyz Cyber Risk Services, a division of Entisys360), Virginia MacSuibhne (Chief Compliance & Privacy Officer at Agilent Technologies), Sari Ratican (Head of Privacy and Data Protection at 98point6 Inc.), Lisa Waggoner (Chief Privacy Officer at TriNet) and Catherine Williams (US Data Privacy Officerat Boehringer Ingelheim) share their thoughts on the future of employee data.You can follow WireWheel on social media to track the latest news in the Privacy world!Follow us on Linkedin,  Twitter, Youtube or Facebook.To learn more about WireWheel Data Privacy Management solutions, please visit www.wirewheel.io.Any questions? You can contact us at marketing@wirewheel.io!

Facebook's decision to rebrand as Meta should serve as a wake-up call for privacy officers: the metaverse isn't coming, it's already here. As technology teams invest in immersive digital experiences such as VR / AR, privacy officers need to consider the implications of these new technologies and develop frameworks that can adapt. Jennifer Vancini (General Partner at Mighty Capital), Christy Steele (Principal at Sands Capital), Jeremy Greenberg (Policy Counsel at Future of Privacy Forum) join Rick Buck (Chief Privacy Officer at WireWheel) to discuss privacy implications in the Metaverse.You can follow WireWheel on social media to track the latest news in the Privacy world!Follow us on Linkedin,  Twitter, Youtube or Facebook.To learn more about WireWheel Data Privacy Management solutions, please visit www.wirewheel.io.Any questions? You can contact us at marketing@wirewheel.io! 

 Justin Antonipillai (CEO and Founder at WireWheel) is joined by Bruno Gencarelli (Head of the International Data Transfers and Protection Unit at the European Commission) to discuss the current situation with EU-US negotiations in a post Privacy Shield environment.You can follow WireWheel on social media to track the latest news in the Privacy world!Follow us on Linkedin,  Twitter, Youtube or Facebook.To learn more about WireWheel Data Privacy Management solutions, please visit www.wirewheel.io.Any questions? You can contact us at marketing@wirewheel.io!  

The fragmentation and complexity of privacy regulations is deeply impacting the ad industry. Michael Hah (Senior Vice President, General Counsel at IAB) Jessica B. Lee (Partner, Chair, Privacy, Security & Data Innovations at Loeb & Loeb) Mark Webber (US Managing Partner at Fieldfisher), Jessica L. Rich (Of Counsel at Kelley Drye & Warren) and Sophie Dawson (Partner at Bird & Bird) shared their views on the impacts of data privacy frameworks in the digital advertising space as well as some potential responses.To access all other Spokes Fall 2021 sessions, please visit this page.You can also follow WireWheel on social media to track the latest news in the Privacy world!Follow us on Linkedin,  Twitter, Youtube or Facebook.To learn more about WireWheel Data Privacy Management solutions, visit www.wirewheel.io. Any questions? You can contact us at marketing@wirewheel.io!