SCL Meeting: Privacy by Design: 'Grand Design' or ‘Pipe Dream’? - London - 16 March 2011

When: 16/03/2011
Code: HW/SCL

You need to register with us or sign in to your existing account in order to book an event unless the event is free of charge. Please follow the booking instructions below.

A meeting of the SCL Privacy and Data Protection Group

Nick Tyler, Senior Associate, Reed Smith LLP and Committee Member, SCL Privacy and Data Protection Group

Steve Wood, Head of Policy Delivery, Information Commissioner's Office (ICO)
Michael Colao, Information Security Manager

  • Privacy by Design', or 'PbD', refers to the development of technologies and business practices whose potential privacy impacts have been considered and addressed at an early stage in the design process.
  • 'PbD' is likely to become an increasingly important theme in future global data protection best practice.
  • 'Privacy by Design' was originally conceived and developed by Ontario's Information and Privacy Commissioner, Dr. Ann Cavoukian, more than 10 years ago.
  • At the end of October last year, the International Conference of Data Protection and Privacy Commissioners passed a resolution recognising and endorsing the adoption of 'Privacy by Design' as a guiding legal principle of data protection worldwide.
  • The European Commission set out its strategy to modernise data protection in a communication issued in November last year. The Commission plans to propose legislation later this year revising the legal framework for data protection, including Directive 95/46/EC. As part of this, the Commission will examine promoting the use of privacy enhancing technologies, as well as the "concrete implementation" of 'Privacy by Design'.
  • Here in the UK, the Information Commissioner has also made it clear that he would like to see an explicit Privacy by Design requirement in the next generation of data protection laws to ensure compliance measures are built in at each stage of the information lifecycle as opposed to bolting on remedial measures  in piecemeal fashion.

Some Questions for data controllers, and those advising them:

  • Will 'Privacy by Design' deliver a significant shift in approach to data protection compliance and good practice?
  • Will new data protection frameworks need to be implemented where existing protections are not sufficient to satisfy requirements for 'Privacy by Design'?

Before we can answer those questions there are some more fundamental ones to address:

  • What does 'Privacy by Design' really mean in practice?
  • What does 'PbD' look like in the real world?

Some experts have expressed significant doubts as to whether 'PbD' is anything more than a nice idea with little to no practical or commercial benefit or application? From a technological perspective is it just 'pie in the sky'?!

This event will pitch together two expert speakers to debate both sides of the argument.

You will hear from the UK regulator's office about the ICO approach to Privacy by Design, some practical examples of it in the UK over the last few years, and the ICO's future plans for 'PbD'.

You will also hear the forthright views of a leading Information Security and Privacy Professional who will challenge the prevailing theme that favours the 'PbD' approach with some hard questions for the regulator to consider.

Speakers Details
Steve Wood
is Head of the ICO's new Policy Delivery department. In his current role he is responsible for overseeing policy lines, advice and guidance related to Data Protection and Freedom of Information legislation. This includes sign-off responsibility for key FOI decision notices and overall responsibility for the ICO's input into legal proceedings following an appeal against an ICO decision. Previously he was Assistant Commissioner with responsibility for FOI Policy at the ICO. Before joining the ICO Steve was a Senior Lecturer in Information Management at Liverpool John Moores University, during this time he also set up and ran the FOI Blog and the journal 'Open Government: a journal on freedom of information'.

Michael Colao is an Infomation Security Manager and was formerly CISO and Director Information Management at Dresdner Kleinwort.

Nick Tyler is Senior Associate in the Data Privacy, Security and Management Practice of Reed Smith's Global Regulatory Enforcement Group. Nick joined Reed Smith in June 2010 having previously worked for AstraZeneca as Global Privacy Counsel and, before that, at the Information Commissioner's Office, where he was Chief Legal Adviser.

Administration notes:
The cost of attendance at this meeting is £25 + VAT (£30) for SCL members and £40 + VAT (£48) for non-members. VAT invoices will be issued to all delegates. 

If you wish to attend this meeting please book online via this web site or email and request an invoice. Fees can be paid by cheque (cheques should be made payable to "Society for Computers and Law" please), Mastercard, Visa, Switch or bank transfer. All invoices for attendance at this meeting must be paid within 30 days of the invoice date although payment before the date of the meeting would be appreciated.

Non-members wishing to join the Society are entitled to membership of the Society valid for 12 months from the date of payment including full access to the content of the SCL web site, 6 copies of the SCL magazine "Computers & Law" plus notification of future SCL events. The cost of an annual SCL membership is £95.00.

If you have any queries about your application for this meeting or SCL membership please contact : Clare Ostler, Tel: 0117 9237393, Email:

Under the Solicitors Regulation Authority CPD scheme, ILEX's CPD Scheme and Barristers – new and established practitioner programmes this meeting is accredited with 1 hour and 30 minutes.

Booking terms and conditions: Application online or by email constitutes a firm booking and an undertaking to pay the meeting attendance fee. Cancellations will not be accepted (and refunds made) unless received in the Society's offices in Bristol at least one week before the date of the relevant event or meeting.

It may be necessary for reasons beyond the control of the Society for Computers and Law to change the content/timing of the programme and/or speakers.

Society for Computers and Law  A company limited by guarantee 1133537  Registered Charity No. 266331  VAT Registration No. 115 4840 85  Registered in England and Wales  Registered office: 10 Hurle Crescent, Clifton, Bristol, BS8 2TA.

Please wait...