IAPP Privacy Conference: Singapore 2017
Many view IAPP as the most reputable source of professional certifications in privacy. Last month I attended IAPP's two-day conference packed with current privacy perspectives, professionals and networking opportunities. The Commissioner of the Personal Data Protection Commission of Singapore gave the opening general session address.
During the session on GDPR readiness, I asked the panel about the need for industry to lead the effort in setting best practices or codes of conduct with respect to privacy compliance. An interesting panel discussed growth and opportunities in the APEC cross-border privacy rules ("APEC CBPR") system that aims to provide a framework for transferring personal data among participating APEC members. Interesting to note that there are only two "authentication agents" recognized by APEC to issue certifications on an entities readiness under the APEC CBPR regime. The representative of a major U.S. tech giant sitting on this panel told me that it is important to see the human soul behind all the bits and digits of data, hinting at the human side of privacy compliance so often forgotten.
Lanx Goh, senior manager of the Singapore Personal Data Protection Commission spoke on a panel chaired by Benjamin Ang of the Nanyang Technological University on effectively preparing for a data breach.
In the session on China's regime of cybersecurity, I asked the question of how private foreign companies doing business in China can ensure that their trade secrets do not become state secrets in light of the requirement that sensitive data of critical industries must be reviewed by a third party PRC national.before being transferred out of China. Another panel spoke about the need to take an overall big picture view of "data governance" to ensure the quality and integrity of data to satisfy various requirements, standards, and governance regimes.
My friend Larry Liu of lead privacy at Alibaba Cloud gave the closing general session talk on how his organization is preparing for GDPR compliance. Larry spoke about the need in the market for legal professionals who understands technology, privacy laws and speaks Mandarin.
Overall the conference was worthwhile and I look forward to attending next time.