Privacy Laws & Business 17Th Annual International Conference

Privacy Laws & Business 10th Annual International Conference Planning Ahead to Ensure Compliance with the European Union Data Protection Directive St. John's College, Cambridge, United Kingdom, 1st – 3rd July, 1997 Programme

Time Title of Session Speaker 11.00 The UK Data Protection Act:Key points for Caroline Bishop and Charlotte Lewendon, Compliance newly appointed managers Officers, Office of the Data Protection Registrar, UK 11.00 The European Union's Data Protection Bojana Bellamy, Consultant, Privacy Laws & Business, Directive: The essentials UK 13.45 Chairman's welcome and introduction Stewart Dresner, Director, Privacy Laws & Business, UK 14.30 Struggles to defend privacy: Challenges from Professor Alan F. Westin, Columbia University, New 1950 to 2010 York, and Publisher, Privacy & American Business 16.00 The Data Protection Registrar's first Angus Hamilton, Solicitor and Partner, JP Malnick, prosecutions under the Data Protection Act's Solicitors, London amendments on procuring, selling and advertising personal data 16.00 Developing standards to protect the privacy of Don Harris, Manager, Human Resources Systems, The human resources data in North America New York Times Company, New York, USA, and Chair, Privacy Committee, International Assoc. for Human Resources Information Management (IHRIM) 16.45 How BT's Data Protection Manager balances Doug Merritt, Group Data Protection Manager, BT the tension between BT's business needs and compliance with the Data Protection Act 17.30 Experience in Germany of workers' councils' Dr. Stefan Walz, Data Protection Commissioner, influence on implementing data protection law: Bremen, Germany Discussion: Blueprint for implementation of the EU Maastricht Treaty's Social Chapter on employees' rights and incorporation into UK law of the EU Works Council Directive?

Time Title of Session Speaker 9.00 The future of data protection in Europe Ulf Brühann, Head of Unit, DG 15, European Commission, Brussels, Belgium 9.30 Report on the European Union's data protection Luc Verhey, Legal Advisor, Netherlands Ministry of developments under the Netherlands Justice Presidency, January to June 1997 10.00 How Hoechst's internal Data Protection Manager Wulf Donike, Data Protection Manager, Hoechst manages compliance with Germany's Data International Services GmbH, Frankfurt, Germany Protection Act 11.15 The benefits of Citibank's transborder data flow Duncan MacDonald, Group General Counsel, Card contract experience in Germany with the Products, Europe and North America, Citibank German Railway and the Berlin Data Protection Commissioner: Advantages of constructive dialogue 11.45 The monitoring and coordination role of the EU Ulf Brühann, Head of Unit, DG 15, European Data Protection Commissioners' Working Party Commission, Brussels, and Secretariat, DPCWP (DPCWP) in implementing the EU Directive Dr. Stefan Walz, Data Protection Commissioner, Bremen, Germany and Member, DPCWP 13.45 New government: New data protection policies? Graham Sutton, Head of Data Protection Section, The Home Office, UK 14.30 Impact of the European Union Data Protection Anne Hinde, Senior Policy Advisor, Office of the Data Directive in the UK Protection Registrar, U 15.00 Commerce, Communications, and Privacy in Professor Alan F. Westin, Columbia Univ., New York, Cyberspace: A US survey report and Publisher, Privacy & American Business 16.00 The UK Data Protection Registrar's approach to Dr. John Woulds, Director of Operations, Office of the data protection problems on the Internet Data Protection Registrar, Wilmslow, UK 16.30 Internet technologies: Applying and complying Professor Joel Reidenberg, Fordham University Law with data protection principles Faculty, New York, currentlyVisiting Professor, University of Paris 1, Panthéon-Sorbonne, France 17.00 eTRUST: The Internet industry's self-regulatory Susan Scott, Executive Director, eTRUST, Palo Alto, approach to building trust in on-line commerce California, USA

Time Title of Session Speaker 9.00 How the Data Protection Registrar might Dr John Woulds, Director of Operations, Office of the interpret the EU Data Protection Directive's Data Protection Registrar, Wilmslow, UK security provisions, including the requirement to notify details of an organisation's security measures 9.30 How can controllers comply with the security Chris Amery, Data Security Consultant, Zergo, provisions of the EU Data Protection Directive? Basingstoke, UK Can security standard BS 7799 help? 10.00 Providing secure systems using risk analysis Steve Daniels, Principal Consultant, Insight Consulting, Walton-on-Thames, Surrey, UK 10.00 How to comply with the EU Data Protection Dr. Hayden Kendler, Associate Consultant, Privacy Directive Using ISO 9000 (BS 5750) Quality Laws & Business Assurance Principles 10.00 The OECD Guidelines on Cryptography Policy Chris Amery, Data Security Consultant, Zergo, and their effect on security Basingstoke, U 11.00 Genes are Us: Can genetic data remain private Eugene Oscapella, Barrister and Solicitor, Consultant data? Why genetic data provides a to the Federal Privacy Commissioner, Canada majorchallenge to the assumptions behind conventional privacy law 11.30 Police and crime Detective Superintendent Ken Grange, Police Information Technology Organisation, The Home Office, London, UK 12.00 Genetics and Insurance - new information, old Tony O'Leary, Executive, Marketing and Client problems Services, ERC Frankona Reassurance; Member of the Association of British Insurers' Genetics Committee and Life and Medical Affairs Committee; and Honorary Secretary, Association of Medical Underwriters, London, UK 12.30 Feedback session: Privacy Laws & Business Stewart Dresner, Director, Privacy Laws & Busines 10th Annual Conference 14.00 How Mytec's biometric encryption and Dr. George Tomko, Chairman, Mytec Technologies identification system anonymises personal data, Inc., Ontario, Canada curbs fraud, automates authorized access and protects privacy 14.45 How the Registrar interprets the Data Protection Phil Jones, Assistant Registrar, Office of the Data Act regarding the fair and lawful collection and Protection Registrar, Wilmslow, U use of personal data by public bodies 15.45 Data protection law aspects of the latest Detective Superintendent Ken Grange, Police developments on the National Strategy for Information Technology Organisation (PITO), Home Police Information Systems Office, London, UK 16.30 State surveillance of telecommunications: Michael Spencer, European consultant on civil liberties, international harmonisation and an end to UK privacy? 16.45 Intelligence-led policing in the retail sector Detective Chief Inspector Alan Hillman, Marylebone Operational Command Unit, London, UK Stuart Campbell, Security Controller, Selfridges, and Chair, Oxford Street Association Security Committee