Developing the NIST Privacy Framework: How can a collaborative process help manage privacy risks?

Monday, September 24, 2018

9:00 am - 12:00 pm EDT

Brookings Institution

Falk Auditorium

1775 Massachusetts Avenue N.W.
Washington, DC
20036

The “Cybersecurity Framework” led by the National Institute of Standards and Technology (NIST) has proved to be a valuable tool of cybersecurity risk management. Now, with privacy in the public spotlight and discussions about policy options expanding, NIST is embarking on a collaborative effort to develop a NIST “Privacy Framework: An Enterprise Risk Management Tool.”

On September 24, the Center for Technology Innovation at Brookings hosted experts for a half-day forum on the development of this framework and privacy risk management. Through keynotes and panel discussions, experts shared their perspectives on the current and future state of privacy practices from both an implementation and policy perspective, as well as the potential domestic and international impact of this privacy framework. Attendees learned directly from NIST leadership about their plans for the framework development, heard industry responses, and explored the issues presented by a framework approach to privacy.

Industry principles for privacy risk management

What does risk management mean in the context of privacy?

Agenda

September 24
- Opening Remarks
  
  9:00 am - 9:05 am
  
  Cameron F. Kerry Ann R. and Andrew H. Tisch Distinguished Visiting Fellow - Governance Studies, Center for Technology Innovation (CTI) cameronkerry
- The NIST Privacy Framework: The road ahead
  
  9:05 am - 9:25 am
  
  Keynote
  
  Walter Copan Director - National Institute of Standards and Technology, U.S. Department of Commerce @waltercopan
- Industry principles for privacy risk management
  
  9:25 am - 9:45 am
  
  Keynote
  
  Dean C. Garfield President and CEO - Information Technology Industry Council @dcgarf
- What does risk management mean in the context of privacy?
  
  9:45 am - 10:45 am
  
  Moderator
  
  Cameron F. Kerry Ann R. and Andrew H. Tisch Distinguished Visiting Fellow - Governance Studies, Center for Technology Innovation (CTI) cameronkerry
  
  Panelist
  
  Harriet Pearson Partner - Hogan Lovells US LLP @HPPearson
  
  David Hoffman Associate General Counsel and Global Privacy Officer - Intel Corporation @hofftechpolicy
  
  TH
  
  Travis Hall Telecommunications Policy Analyst, National Telecommunications and Information Administration - U.S. Department of Commerce @travisrhall
  
  Michelle Richardson Director, Privacy and Data Project - Center for Democracy and Technology @Richardson_Mich
  
  Peter Lefkowitz Chief Privacy and Digital Risk Officer - Citrix Systems
- What are the practices and tools that can inform a privacy framework?
  
  10:55 am - 11:55 am
  
  Moderator
  
  Naomi Lefkovitz Senior Privacy Policy Advisor - National Institute of Standards and Technology, U.S. Department of Commerce
  
  Panelist
  
  ZS
  
  Zoe Strickland Managing Director and Global Chief Privacy Officer - JP Morgan Chase
  
  Jenn Behrens Partner and Executive Vice President of Privacy - KUMA LLC
  
  John Verdi Vice President of Policy - Future of Privacy Forum @johnverdi
  
  KG
  
  Kevin Gay Chief of Intelligent Transportation Systems Policy, Architecture, and Knowledge Transfer - Federal Highway Administration, U.S. Department of Transportation
  
  Harley Geiger Director of Public Policy - Rapid7 @HarleyGeiger