A place to exchange ideas and perspectives, promoting a thriving innovation economy through public policy
647 Discussions

The Origins of Data Privacy Day

0 0 556
By: David A. Hoffman, Associate General Counsel and Global Privacy Officer

Around the Dinner Table

Happy Data Privacy Day!

Data Privacy Day began with a conversation at my dinner table eight years ago, when Leonardo Cervera Navas (then with the European Commission and now with the European Data Protection Supervisor’s office) and Jolynn Dellinger (then with Intel and now with Minding Privacy) joined my family for dinner.  At the start of dinner my boys (very young at the time) brought out a sheet of pictures of flags and asked the adults at the table to point out the flags of the countries where they had lived.  That discussion of the flags prompted a stark comparison between my US suburban neighborhood and the places we had lived in the UK and Germany, and areas in Belgium, Ireland, Spain and Italy that our guests had called home.   While the focus at the beginning was on cultural differences, the conversation soon turned to the values shared across those cultures.

Leonardo had the idea first that it would be wonderful if there was a day when people could recognize those shared values and promote transatlantic cooperation.   Data Protection Day had already been recognized in Europe and held on January 28th, which is the anniversary of the Council of Europe’s signing of Convention 108.  It is Convention 108 which first recognized privacy as a fundamental human right. I have a vivid memory of Jolynn then saying, “ We shouldn’t just talk about it, we should do it.” By the end of dessert, Data Privacy Day was born.

Data Privacy Day has come a long way since that dinner.   Jolynn, the initial project manager for the event, turned our idea into a reality.  Leonardo secured the participation of then European Data Protection Supervisor Peter Hustinx, and representative of the Italian Garante Giovanni Buttarelli for an event at Duke University Law School.  Now thousands of organizations recognize Data Privacy Day and participate in events to build privacy awareness.   The National Cyber Security Alliance currently coordinates the awareness raising events celebrating the day, and 2016 looks to be the biggest and best Data Privacy Day yet.

The Need for Transatlantic Cooperation

At that first dinner, the conversation inevitably turned to privacy attitudes in the US and Europe.  Since then, efforts toward transatlantic cooperation have been met with new challenges.  Media attention to activities of US government surveillance agencies has raised barriers to international data transfers and damaged privacy stakeholder relationships across the Atlantic. Recent terrorist attacks in Paris and San Bernardino have further challenged cooperation among policy stakeholders, while also reminding us the EU and US not only share a need for privacy, but also face common risks.   In an environment of continued concern about terrorism, it is important that governments have in place structures that allow law enforcement and intelligence agencies to accomplish their critical missions.  At the same time, a pre-condition to the activities of these government agencies is sufficient oversight and controls that assure individuals that their information will not be misused.   Recent news of a cyber-attack on the Ukraine electric grid brings further attention of the need for governments to be able to protect networks, critical infrastructure and their citizens.

To provide this protection, government and the private sector will need to process personal data and to share some of that data with other organizations.  This collection and sharing requires that government  provide privacy protection while promoting safety and cybersecurity.   Individuals seem prepared to have the government and the private sector process this data for these critical missions, if those organizations can demonstrate that they will do so responsibly.

Dinner Invites and Shared Values

Thinking back to that dinner eight years ago I remember how sitting down to discuss cultural differences provided an opportunity to identify a common purpose.  Perhaps charting a path forward for privacy depends on creating more moments of dialog and appreciation of the values we share on both sides of the Atlantic.