IAPP Privacy Security Risk

IAPP Privacy Security Risk

🚀 What an incredible two days at the IAPP Privacy. Security. Risk. Conference in Los Angeles on 22 -23 September! So many thought-provoking discussions on the future of privacy, regulation, and AI. Here are a few key takeaways:

🔑 Avoid Watermelon Risk Metrics: They may look “green” on the outside, but they’re “red” on the inside. We need to focus on meaningful metrics that tell the whole story, not just surface-level success.

🧠 “There is no machine unlearning, so we have to get it right the first time.” This underscores the importance of responsible AI development from the start—there’s no turning back once it’s in motion.

🌍 Privacy rights should travel with your data: A poignant reminder from Max Schrems that privacy isn’t a static concept—it needs to be portable and enforced wherever the data goes.

🤖 AI Regulation and Purpose Limitation: We heard different perspectives on the risk of AI taking over—from a 100% chance in 200 years to just 10% depending on how well we regulate it. The key? Purpose limitation and accuracy, with GDPR providing a reasonable framework.

🌐 Vendor Risk Management: With 70% of data breaches stemming from the supply chain, managing vendor risk is crucial. Certifications like ISO aren’t always enough; it depends on the level of risk and includes often-overlooked services (e.g., cleaning staff with access to sensitive spaces).

❗️ Regulatory Inconsistencies: The Draghi report raised concerns about excessive legislation stifling innovation, but the real problem is inconsistency in applying regulations. For example, 27 different ways to identify individuals in the EU—a clear barrier to streamlined digitalization.

In a world where data privacy and AI regulations are evolving fast, events like this one are vital to keeping us informed and adaptable. Looking forward to continuing the conversation!

Data protection day

Data protection day

EDPO attended the Data Protection Day organised by the EDPS and the Council of Europe. Here are the key takeaways that stood out for us. The...

Digital Clearhouse 2.0

Digital Clearhouse 2.0

EDPO attended the EDPS Digital Clearinghouse 2.0 Conference in Brussels. Here are the key takeaways that stood out for us. The EU’s Digital...

About the author

Jane Murphy

Jane Murphy is a Belgian-Canadian lawyer specialising in data protection, corporate law, and EU regulations. She holds law degrees from Canada and Belgium, an LL.M. in EU and International Law, a Data Protection Certificate, and completed an International Business summer programme at Harvard, and an “AI:Implications for Business Strategy » executive program at MIT. Jane also has 15+ years of board experience across Europe and Asia and currently chairs Oracle Financial Services Software (OFSS) in Mumbai.

Jane Murphy

Get our weekly newsletter in your inbox every Monday with fresh GDPR and Data Protection news!