Very little legislation has caused as much confusion, consternation, misinformation and outright panic as the EU’s General Data Protection Regulation which came into effect on 25 May last year. Now that the dust has settled, we can review what it all means in the light of practical experience of the new regime and how it interrelates with both e-privacy and cybersecurity.
At this major one-day conference we have gathered together some of the top experts in these complex areas, and between them they will cover such topics as:
- Data subject rights under GDPR and the e-Privacy Regulation: an update
- The practical implications of GDPR for in-house teams
- Some of the key drafting issues and common negotiation points for data protection clauses we commonly see in contracts, including those for controllers in common, joint controllers and controller-processor relationships
- Where precisely are we with the EU e-Privacy Regulation?
- Data protection impact assessments: a highly practical workshop session will consider a scenario and use the ICO’s sample DPIA template to analyse the key issues and decide whether the proposed activity can go ahead without the need for approval
- The relationship between protecting business confidential information, personal information and securing internet risks
- The future of data protection in the form of the journey to code
- Brexit, data protection and e-privacy. Whatever happens with Brexit, this session will be adapted accordingly.
- The day will end with what is likely to be one of the highlights – a workshop on cyber security with a specialist in this high profile, controversial and highly sensitive area
The conference will appeal to:
- Private practice solicitors who need to keep up to date with the law and practice so as to be able to advise clients
- In-house lawyers who have to advise on the implications for the corporates they work for
- All those who are involved with compliance with the legal and practical implications
What will delegates take away from this conference?
- A crystal-clear and detailed explanation about the complex relationships between GDPR, e-privacy and cybersecurity
- A concise and accurate understanding of the common misconceptions about how GDPR and the Data Protection Act 2018 work in practice, from the use and mis-use of “consent”, to the role of the data protection officer and the right to be forgotten
- Knowledge about the extent and consequences of cyber-attacks and how best to put in place defensive systems and strategies
- An update on the latest position on e-Privacy and how the proposed Regulation is likely to impact on such matters as direct marketing (what’s permitted and what’s not), and the processing of metadata and cookies on users machines
Chairman: Robert Bond, Bristows
Robert Bond is a Partner with Bristows LLP and is a solicitor, notary public and a certified compliance and ethics professional. He has nearly 40 years’ experience as a legal expert and author in the fields of e-commerce, computer games, media and publishing, data protection, information security and cyber risks. Robert has specialised in data protection and information security law since 1983. He is a director of the UK Safer Internet Centre and South West Grid for Learning, a board member and secretary of the Society for Corporate Compliance and Ethics, chairman of the Governance Board of the Data Protection Network, a founder member of the UN Global Pulse Privacy Advisory Group and an ambassador for Privacy by Design. He is named in the National Law Journal’s list of 50 governance, risk and compliance trailblazers, listed in the top 10 in “Who’s Who of Information Technology Lawyers 2014” and in “Who’s Who Legal TMT 2017“, “Best Lawyers in UK in the practice area of Information Technology Law 2017“.
Stephen Eckersley, Information Commissioner’s Office
Stephen Eckersley is the Director of Investigations at the Information Commissioner’s Office (ICO) and has responsibility for leading a number of teams in the Investigations Directorate. In his role he has led high-profile and ground-breaking investigations into cyber-security incidents, including Talk-Talk, Equifax, Uber and Yahoo! and more recently the investigation into the Facebook/Cambridge Analytica case. Prior to joining the ICO in 2011 he served 30 years with Greater Manchester Police achieving the rank of Detective Chief Inspector and led numerous complex homicide and other major crime investigations.
Eleonor Duhs, Field Fisher
Eleonor is a Director in Fieldfisher’s privacy, security and information law team. She was the UK government’s lead lawyer in EU negotiations on the General Data Protection Regulation (GDPR). Eleonor has extensive, in-depth knowledge of the GDPR, having represented the UK in meetings in Brussels. She drafted text for inclusion in the legislation, and worked with the European Commission, representatives from other EU member states, regulators and stakeholders to develop the regime. She also has extensive experience of advising the UK government on data protection and information law issues, including compliance and risk in high profile projects.
Emmy Hackett, SHL
Emmy Hackett is General Counsel, Chief Compliance Officer and Data Protection Officer for SHL, based in London. SHL is a 40+ year old global people insights company providing scientifically rigorous assessments across the employee journey from recruitment through development. The enactment of the General Data Protection Regulation and Brexit are two major projects that she leads at SHL, in addition to overseeing commercial legal support and procurement. Prior to joining SHL, she was the Deputy General Counsel for International at V.C.E., a joint venture between Cisco and EMC, bringing converged computing infrastructure to the market. Emmy previously worked for a US law firm engaged in copyright, trademarks and other intellectual property matters
Keith Markham, Solicitor and Trainer
Keith Markham qualified as a solicitor in 2001 and now works as a freelance training consultant. Initially working in private practice, in 2004 he moved in-house at the BGL Group, a major insurance intermediary. During his time there Keith advised extensively on all areas of data protection. In 2007, Keith joined BPP Professional Education, and worked there as both an in-house lawyer dealing with data protection and commercial contracts and also as a presenter of training courses before ultimately deciding to specialise in delivering training and becoming a freelance training consultant in 2009. Drawing on his considerable experience Keith has designed and delivered a wide variety of training on topics relating to data protection and commercial law to lawyers and non-lawyers alike. He is also currently involved in a number of GDPR compliance projects.
Stewart Room, PwC UK
Stewart Room, CIPP/E, is a Partner at PwC UK. He is the global leader of the cyber security and data protection legal services practice, the joint global leader of the multi-disciplinary data protection practice, and the UK data protection practice leader. He has more than 25 years of experience as a barrister and solicitor, focusing for the majority of this time on data, technology and communications. Stewart specialises in the field of data protection, information management and cyber security, including programme design and delivery, the commercial exploitation of data, the security of data, regulatory investigations and litigation arising from the misuse of data. He is rated as a leading individual in data protection by legal directory Chambers UK. He is the President of the National Association of Data Protection Officers and the editor of the Cyber Security Practitioner journal. He has written a number of textbooks on information law and is regularly quoted in the press. He is a past winner of the Financial Times Innovative Lawyer of the Year award.
Sam de Silva, CMS Cameron McKenna Nabarro Olswang LLP
Dr Sam De Silva is a Partner in the London office of CMS Cameron McKenna Nabarro Olswang LLP. Sam specialises in data privacy and cyber-security issues and in advising on complex and strategic IT and telecommunication projects. Sam is both the UK solicitor representative on the EU Commission’s Expert Group on Cloud Computing Contracts and on the IT Law Committee of the Bars and Law Societies of Europe. Sam is also on the Data Law Committee of the City of London Law Society and is a former chair of the Law Society’s Technology and Law Committee. Sam is the co-convenor of an international Working Group developing a new ISO Standard on the management of legal risk. He is recognised as a leading individual for IT and data protection in Legal 500 and Chambers & Partners directories. Sam is also named in Who’s Who of Data Privacy and Protection 2018, the Who’s Who of Data Security 2018 and the Who’s Who of Information Technology 2018 as one of the world’s leading lawyers in those areas of law. In addition Sam has been listed in Who’s Who Legal: Thought Leaders – Global Elite 2018.
Valerie Taylor, Privacy Solutions Ltd
Valerie is qualified solicitor and seasoned professional, well known in the field of data protection. Having qualified as a solicitor at Clifford Chance, she moved to the Royal Mail Group where she was the principal legal advisor on data protection. She has worked as an independent data protection consultant since 2002, and was one of the first lawyers to move into DP consultancy. She advises organisations of all kinds on data protection and related legislation. Her work includes strategic planning and risk management, compliance programme design and implementation, audits and gap analysis, producing policies and procedures, and devising and running training and awareness campaigns.