Disclaimer Please note that this preliminary version of the program is not final and that some panels might change or be rescheduled. Updated versions will be regularly posted and notified on the CPDP website.
CPDP2013 Panels at Grande Halle
8.45 CLOUD COMPUTING AND DATA SOVEREIGNTY: MASS-SURVEILLANCE BY 3RD COUNTRIES
hosted by Judith Rauhofer (University of Edinburgh)
panel Caspar Bowden, Independent Privacy Advocate (UK), Gordon Nardell QC, Thirty Nine Essex Street (UK), Paul Nemitz, Director of Fundamental rights and Union citizenship, European Commission (EU), Vera Pozzato, EDPS (EU), Judith Sargentini, Member of the European Parliament – Green (NL)
What are the real impacts on privacy rights and EU data sovereignty that are raised by transfers of personal data of EU citizens to IaaS/SaaS/PaaS providers falling under a jurisdiction outside the EEA? The new provisions governing cross-border data transfers set out in the proposed Data Protection Regulation are largely designed to respond to complaints from cloud computing providers that the current EU regime is too complex and constitutes barriers to innovation and international trade. They aim to ensure that cloud providers that process EU personal data have policies and procedures in place to guarantee processing of that data in accordance with EU standards. But do they also create new risks by facilitating mass-transfers to non-EEA jurisdictions where local law enforcement and security agencies may be able to access that data based on foreign laws? For example, the US FISA Amendment Act expressly authorises political surveillance of non-US citizens for US foreign policy interests. Some of the FISAAA provisions suggest that they are expressly targeted at Cloud data of non-US citizens.
- How much awareness do EU companies and individuals have of this reality, when they upload personal data to the Cloud? And what questions does the existence of these ‘cloud loopholes’ raise for policymakers and regulators?
- Given the pressing risk to human rights and EU sovereignty, should the Cloud be eligible for any of the legal bases for exporting data outside the EEA, unless firm guarantees for full recognition of justiciable rights are obtained bilaterally and/or multilaterally?
This panel will discuss technical and political developments in very large-scale surveillance, and whether Cloud computing stretches the forty-year old paradigm for international data transfers beyond breaking point.
10.15 Coffeee break
10.30 Cloud, Trust and Privacy: Towards The InterCloud
co-organised by the EU FP7 project TCLOUDS and CPDP
hosted by Roland A. Burger (Innova SPA) & Marit Hansen (Unabhaengiges Landes-zentrum fuer Datenschutz Schleswig-Holstein)
panel Aleardo Furlani, International Association of SMEs, Birgitta Jónsdóttir, Member of the Parliament, Icelandic Modern Media Initiative (IS), Chris Hopfen-sperger, BSA, The Software Alliance (US), Guo Liang, China Internet Project (US) and Chinese Academy of Social Sciences (CASS) (CH), Eva Salzmann, IBM (FR)
The panel will focus on the intersections between Cloud computing (and especially the new paradigm of Cloud of Clouds) and Trust and Privacy.
The state-of-the-art cloud computing enables seamless access to services and global availability of information, but inherent risks severely limit the application of this technology. The benefits of increased storage at reduced cost allow information to be made available. However, the current cloud computing model comes with perceived risks concerning resilience and privacy. There are three fundamental trends in ICT whose risks mutually reinforce each other: (i) the push towards an Internet of Services - most services are provided on the web as a platform; (ii) cost pressures drive a migration of ICT into so-called Infrastructure clouds; (iii) growing importance of ICT as the critical “nervous system” for socially relevant “smart” infrastructures – such as healthcare, energy, environmental monitoring, or mobility.
Protecting data and services in the cloud is important to governments, organisations and enterprises across all industries, including healthcare, energy utilities, and banking. Thus, the perceived security and dependability risks of cloud computing are limiting its application.
The TClouds project targets cloud computing security and minimisation of the widespread concerns about the security of personal data by putting its focus on privacy protection in cross-border infrastructures and on ensuring resilience against failures and attacks.
11.45 Data Protection in Latin America
co-organised by the Council of Europe and CPDP
hosted by Sophie Kwasny (CoE) & Artemi Rallo Lombarte (Universidad Jaume I)
panel Sigrid Arzt, Federal Institute for access to information and data protection of Mexico (IFAI) (MX), Danilo Doneda, Department of Consumer Protection and Defense of the Ministry of Justice (BR), Jose Alejandro Bermúdez, Superintendence of Industry and Commerce of Colombia (COL), Felipe Rotondo, Personal Data Control and Regulatory Unit of Uruguay (URU).
The right to data protection has been increasingly regulated and specifically protected in Latin America over the past years and whether it is constitutionally upheld or not, articulation with the legal traditions (in particular habeas data) is being witnessed at national or sectoral level. This panel will explore:
- the evolution of the right to data protection and its impact on Latin America: new legislation and institutional developments, as well as reasons for the legislative lacuna in some countries;
- the challenges faced in Latin America in the context of data protection : what are the main features of data protection in the region as well as the main obstacles to this right;
- the role of the Ibero-American network of data protection in the development of data protection in Latin America and reference models in the emergence of national data protection legislations;
- the influence of the European Union’s framework as leitmotiv of the South American Development of the right to data protection;
- the influence of Convention 108 of the Council of Europe on the current developments of data protection in Latin America.
14.00 The Proposed Data Protection Regulation: Key Challenges
hosted by Marie-Hélène Boulanger (DG Justice, EC) and Paul De Hert (Vrije Universiteit Brussel-Tilburg University)
panel Gerrit Hornung, Universität Passau (DE), Jean Gonié, Microsoft (BE), Mario Oetheimer, FRA (EU), Christopher Wolf, Future of Privacy Forum (US)
In January 2012, the European Commission released the proposal for the reform of the European Data Protection Directive: whilst the principles and many key definitions have been retained, the proposal also contains significant changes. The balance in many key relationships has been changed - there is an increased focus on the fundamental rights of the citizen - there has been a move away from bureaucracy to a more ‘accountability’ based approach and a number of new systems and features have been introduced to deal with the changing nature of data and data processing. One year on from its initial publication, this panel will evaluate the reaction to this proposal and consider its future.
One year after its initial publication, this panel will evaluate the reaction to this proposal and consider its future.
15.00 Coffee break
15.30 The Proposed Data Protection Directive: Key Challenges
co-organised by Max Planck Institute for Foreign and International Criminal Law and CPDP
hosted by Els De Busser (MPICC) & Guy Stessens (Council)
panel Franziska Böhm, University Münster (DE), Daniel Drewer, Europol (EU), Caroline Goemans-Dorny, Interpol (INT), Christopher Kuner, Centre for European Legal Studies of the University of Cambridge (UK)
The panel will join representatives from law enforcement with representatives from the academic and the private sector. The discussion will focus on the key issues that law enforcement agencies are confronted with when it comes to data protection in criminal matters and to what extent the proposed EU data protection directive is or is not providing in solutions.
16.45 Public Perception(s) of Privacy and Security
co-organised by EU FP7 projects PRISMS and PACT, and CPDP
hosted by Anthony Amicelle (PRIO & CESDIP) & Jason H. Pridmore (Zuyd University)
panel Alessandro Acquisti, Carnegie Mellon University (US), Paul Timmers, Director Sustainable & Secure Society, DG CONNECT (EU), Daniel Trottier, Uppsala Universitet (SW), Kristof Verfaillie, Vrije Universiteit Brussel (BE)
Privacy’s significance in the eyes of the public is often debated, and sometimes contested. This panel will focus on the following issues:
- How can the perception of privacy by society be assessed?
- How can the relationship between privacy and security be grasped?
- And what can (or should) be done with any of such assessments?
18.00 Concluding Notes
Peter HUSTINX, European Data Protection Supervisor, EDPS (EU)
18.30 Cocktail introduced by Luciano Floridi (University of Hertfordshire and University of Oxford) and offered by Digital Enlightenment Forum
CPDP2013 Panels at Petite Halle
8.45 EMERGING CHALLENGES OF INFORMATION SECURITY AND PRIVACY
co-organised by LSEC and CPDP
hosted by Ulrich Seldeslachts (LSEC)
panel Jean-Luc Delvaux, Belgacom (BE), Erik Luysterborg, Deloitte Privacy and Data Protection EMEA (BE), Antonio Mata, Oracle (BE), Bavo Van den Heuvel, Cranium (BE)
Panellists will discuss how the evolutions on the society, regulatory changes, the way people handle information and systems have an effect on information security and privacy. Companies and people are being faced on a daily basis with mobile and cybercrime. One of the main assets in this information age are data and information. Companies and people are seeking ways to protect them, whilst still ensuring their availability. The developments in technologies such as virtualization, gigabit networks, peta bytes of data, BYOD and encryption technologies are leading to new opportunities and challenges for enterprises large and small, government organizations and citizens involved. The changing regulatory landscape is starting to influence these changes all together. But more than once, the reality of the emerging business challenges are not in line with policy or regulatory. Increasingly there is a need to align both, in order to avoid the development of a New Digital Divide. This will be the Divide between the companies in line with some regulation, some trying to cope with the societal and technology challenges, and those who will fail to comply to both.
A discussion with security specialists and practitioners.
10.15 Coffee break
10.30 'Internet Freedom, Copyright and Privacy': Philosophers of Law Meet Philosophers of Technology
FULLDAY SESSION Friday JANUARY 25th 2013 (10:30 - 17:00)
LIMITED PARTICIPATION !
co-organised by Leiden University and CPDP
hosted by Mireille Hildebrandt (Radboud University Nijmegen-Vrije Universiteit Brussel) & Bibi van den Berg (Leiden University)
panel Julie E. Cohen, Georgetown University Law Center (US), Kenneth Einar Himmar, Seattle Pacific University (US), David Koepsell, Delft University of Technology (NL), Luciano Floridi, University of Hertfordshire and University of Oxford (UK), Gary T. Marx, Massachussets Institute of Technology (US)
In this seminar we will investigate the effect(s) of the architectural choices made to construct, sustain and expand the Internet on the shape, breadth and content of Internet freedom. More specifically, we hope to gain insight into the ways in which architectural choices lead to (im)possibilities into the protection of, and/or expansion of copyright, privacy and data protection. For legal philosophers this seminar offers a unique opportunity to come to a more refined understanding of the relevance of architectural choices as fundamental determinants of both legal problems and their possible solutions. For philosophers of technology this seminar offers a unique opportunity to come to a more refined understanding of the legal-philosophical intricacies of the current debate on Internet freedom.
Previous Reading Panels have resulted in: Law, Human Agency and Autonomic Computing (Routledge 2011) and Privacy, Due Process and the Computational Turn (Routledge forthcoming), see
14.00 'Internet Freedom, Copyright and Privacy': Philosophers of Law Meet Philosophers of Technology
continuation of the morning session
15.15 Coffee break
15.30 'Internet Freedom, Copyright and Privacy': Philosophers of Law Meet Philosophers of Technology (till 18.00)
continuation of the morning session
CPDP2013 Workshops at La Cave
10.00 Lab Workshop: Can Smart Surveillance Systems Enhance Privacy?
co-organised by EU FP7 project ADDPRIV and CPDP
hosted by Daniel Neyland (Goldsmith University of London) and Dara Hallinan (Fraunhofer ISI)
panel Gemma Galdon Clavell, University of Barcelona (ES), Achim Klabunde, EDPS (BE), Inga Kroener, University College London (UK), Clive Norris, University of Sheffield (UK) [tbc], Charles Raab, University of Edinburgh (UK)
Privacy Enhancing Technologies (PETs) and Privacy by Design (PbD) initiatives have been heralded as a way forward for addressing privacy concerns raised by the introduction of security camera surveillance systems. This workshop will focus on the development of one particular ‘smart’ surveillance system which attempts to:
- (i) use algorithms to narrowly focus operatives’ attention to only those incidents pre-designated as ‘suspicious’;
- (ii) delete footage that is not connected to an incident;
- (iii) provide a sophisticated access management system to limit access to any data that is stored.
The workshop will feature a demonstration of the technology in order to foster discussion of questions such as:
- Can algorithms limit the extent of intrusive surveillance?
- Can suspicious activities be successfully tracked by algorithms?
- Does deletion provide a solution to privacy concerns?
- Can technologies (such as access management systems) guarantee privacy or are technologies always open to other uses?
11.45 Introducing Drones in The EU Civilian Airspace
co-organised by EMSOC and CPDP
hosted by Mathias Vermeulen (EUI-VUB) and Tugba Basaran (University of Kent)
panel Geoffrey Delcroix, CNIL (FR), Jean-Pierre Lentz, European Commission (BE), Margot Kaminski, Yale University (US), Jorrit Rijpma, Leiden University (NL)
The use of unmanned aerial vehicles, commonly known as drones, has been widely discussed in the context of the fight against terrorism, but there has been little debate yet about their use in a civilian setting. Drones can be used for a wide variety of civilian applications that range from terrain cartography to goods transport and from disaster assistance to the monitoring of borders.
Questions that this panel will address are the following:
- What are the potential privacy implications that come along with the use of drones in the EU’s civilian airspace?
- What are the limits to their use?
- Which safeguards need to be put in place in order to avoid privacy and/or data protection violations?
- What can we learn from the US experience so far of introducing drones in civilian airspace?
14.00 Cyberwar and the Changing Nature of Warfare
co-organised by VU University Amsterdam and CPDP
hosted by Wouter Werner (VU University Amsterdam) & Lianne Boer (VU University Amsterdam)
panel Lianne Boer, VU University Amsterdam (NL), Paul Ducheine, Dutch Royal Army, and Faculty of Military Sciences, Dutch Defense Academy (NL), Arno Lodder, VU University Amsterdam (NL), Stephen Neff, University of Edinburgh (UK), Ronald Prins, CEO at FOX-IT (NL)
This panel focuses on cyberwar as one of the drivers for the changing nature of war. Cyber attacks affect the hallmarks of war as set out by Stephen Neff in his ‘War and the Law of Nations’: they blur the distinction between war and peace; conflict is neither necessarily violent nor taking place between communities; enemies are oftentimes unknown and fervent debates on the application of the current jus ad bellum have been taking place for ten years at least.
This panel seeks to assess the impact of these debates on the (legal) concept of war, including questions regarding the use of force, armed attacks and legitimate military targets. Furthermore, it aims to challenge mainstream focus on death and destruction as determinative of a cyber attack’s qualification as falling under article 2(4) of the Charter or not.
15.15 Coffee break
15.30 Academic Papers Session (till 18.00)
hosted by Ronald Leenes (Tilburg University)
Session 3: Big data and surveillance • Papers
- Data mining and Its Paradoxical Relationship to the Purpose Limitation Principle, Liane Colonna (Stockholm University, SWE)
- Big Data: The End of Privacy or a New Beginning? Ira Rubinstein (New York University, US)
- Surveillance of Communications Data and Article 8 of the European Convention of Human Rights, Nora Ni Loideain (University of Cambridge, UK)
Session 4: The right to be forgotten • Papers
- Stage ahoy! Deconstruction of the “drunken pirate” case in the light of impression management, Paulan Korenhof (Tilburg University, NL)
- The EU, the US and the Right to be Forgotten, Paul Bernal (University of East Anglia, UK)
- Forgetting, Non-Forgetting and Quasi-Forgetting in Social Networking: Canadian Policy and Corporate Practice, Colin Bennett, Christopher Parsons and Adam Molnar (University of Victoria, CA)
CPDP2013 side events third day
please check the side events page