PIA Symposium

Privacy Impact Assessments (PIA) – A new way to enforce privacy in Europe?

1-Day Expert Symposium, Friday 25th Nov 2011, Austrian Embassy Berlin

Privacy impact assessments are a core instrument to ensure Privacy by Design in technical systems. The goal of this 1-day symposium is to assemble thought leaders to discuss the virtue of privacy impact assessments (PIA) as a means for governing privacy in cyberspace. The first PIA framework developed by industry for RFID and officially co-regulated by the EU Commission will be presented. This PIA Framework is already heralded as a “landmark for Privacy by Design”. Guidelines for its deployment, developed by the German BSI, and first practical experiences will be presented.

PIA Guideline: www.bsi.bund.de/PIA

Programme

08:30 – 09:00 Registration

09:00 – 09:30 Welcome Address & Setting the Scenes

Dr. Ralph Scheide, Austrian Ambassador in Germany

Michael Hange, President German Federal Office for Information Security, BSI

Prof. Dr. Sarah Spiekermann, Chair of the Institute for Management Information Systems, WU Vienna

Session 1: PIAs in the European Legal Context: Are they a serious road (to be) considered?

09:30 – 10:00

Peter Schaar, German Federal Commissioner for Data Protection and Freedom of Information

The road ahead for PIAs in data protection governance: How could PIAs be lived? In what way should they be mandatory? And can the workload be handled for both companies and supervisors?

10:00 – 10:30

Peter Hustinx, European Data Protection Supervisor

On the potential role of PIAs in Europe’s future data protection landscape and in the overhaul of the EU Data Protection Directive(s)

10:30 – 11:00

Bernd Kowalski, Department President, German Federal Office for Information Security, BSI

Security Assessments and Security by Design – Experiences on how assessments can drive technology


11:00 – 11:30 Coffee Break

Session 2: Introduction to the PIA Framework for RFID, its evolution and expectations

11:30 – 12:00

Dr. Gerald Santucci, Head of Unit, DG INFSO, European Commission

Presentation of the PIA Framework for RFID and how it came about

12:00 – 12:30

Prof. Dr. Udo Helmbrecht, Executive Director of ENISA

How ENISA will judge the success of RFID PIA implementations and how ENISA views PIA

12:30 – 13:30 Lunch

Session 3: Presentation of BSI Guidelines for applying the PIA Framework for RFID

13:30 – 14:30

Harald Kelter, BSI Project Officer & Marie Oetzel, Researcher, WU Vienna

Introduction to the BSI PIA Guidelines: Methodological interpretation and implementation of the PIA Framework for RFID

14:30 – 15:00

Christian von Grone, CIO of Gerry Weber International AG

Lessons learned from applying the BSI PIA Guidelines in textile retailing

15:00 – 15:20 Coffee Break

Session 4: Industry and Government Experiences with PIAs

15:20 – 15:40

Prof. Dr. Posch, CIO of the Federal Republic of Austria

Security Risk Assessments for Government IT – Methods and Preventive Actions

15:40 – 16:00

David Wright, International Expert Consultant on Privacy Impact Assessments

Lessons learned internationally from PIA procedures and industry engagement

16:00 – 16:20

Heinz Paul Bonn, Vice President of the German Federal Association for Information Technology, Telecommunications and New Media (BITKOM)

PIA Perspectives and Chances for Industry

16:20 – 17:00

Wolf-Rüdiger Hansen, German Association of Automatic Identification and Mobility (AIM-D)

First lessons learned from introducing the Auto-ID industry to PIAs for RFID

Short Break

17:15 – 18:15 Podium

Christian von Grone, Prof. Dr. Posch, Peter Schaar, Peter Hustinx, Prof. Helmbrecht

Moderator: Prof. Dr. Sarah Spiekermann

Is risk assessment the right tool to tackle the privacy and information security challenges in cyberspace?

18:15 – 19:00 Get Together
