Two separate groups of data protection folk gathered together last night.
In Brussels, a (relatively) younger data protection crowd were assembling for the Computers, Privacy & Data Protection conference. This three day event attracts a wide range of folk, perhaps more inclined to view privacy through the prism of an academic or regulatory perspective, rather than a practitioner’s perspective. There’s a lot of theory – and tweeting, so its relatively easy to be kept informed of the conference highlights. Am I missing very much by not going this year and just relying on regular updates from the opinionated tweeters? I'm certainly missing something. There’s also a free bar.
In London meanwhile, a selection of Britain’s data protection crusties packed the main chamber at the Institute of Advanced Legal Studies to hear James Michael offer some views on 30 years of data protection and 15 years of freedom of information legislation. This 90 minute event attracted many of Britain’s most eminent data protection folk. It would be uncharitable to identify any of them, as others might be annoyed if I left them off my list. Suffice to note that, in terms of the relevant legislation, some people present had helped write it. Others had regulated it, judged it, practiced it, complied with it, studied it or had otherwise written about it. After the formal proceedings, some attendees enjoyed a few very useful exchanges of privacy news and gossip. However, there being no free bar, or bar of any description, most swiftly left for their next engagement.
What did I learn at the IALS event that I can report on?
First, that there are no prospects for information rights legislation to become less complicated in the forseeable future.
Second, that prospects for common global information rights standards, perhaps enforced by a UN Convention on rights of access to information and privacy are impossibly remote. It’s certainly not going to happen in my lifetime.
Third, that the forthcoming Data Protection Direguation (to the extent that it will be forthcoming) is unlikely to ease the lives of data protection practitioners. It may help them to remain in remunerative employment, but it’s not clear how any new standards currently under consideration will drive behavioural change among data controllers in ways that that will result in a significant uplift of the privacy rights that European citizens currently enjoy.
Anything else that I learnt last night will remain confidential – at least for the time being, that is.