PrivacyCon 2019 panelists strike an ominous tone

Pop Quiz

OK, here's a multiple-choice question. What is PrivacyCon? Some sort of new identity-theft scam? The persona of a new data-themed wrestling heel? Or a very low-key cosplay event?

None of the above! No, it's so much better than any of those things.

PrivacyCon is an annual conference held by the Federal Trade Commission that examines "cutting-edge research and trends in protecting consumer privacy and security." It's like a privacy-nerd Woodstock, except without mud or drugs or even music.

OK, never mind. It's a terrible comparison.

Finger in the Dam

PrivacyCon was first launched in 2016 as a one-day event and remains a one-day conference.

This year, the day was June 27, the place – Washington D.C.'s Constitution Center.

On tap were four separate sessions, covering issues that are ... well, immense in scope and seriousness. The first concentrated on privacy policy research, with an emphasis on the European Union's General Data Protection Regulation (GDPR) and its effect on online privacy. Part two tackled "consumer preferences, expectations, and behaviors" – how regular folks understand digital privacy and tracking.

Third up: Speakers addressed online ads and tracking. And, finally, a fourth session offered research about data "vulnerabilities, leaks and breach notifications."

Check out the conference's agenda to learn more about the participants.

The Takeaway

Unsurprisingly, the session addressing consumer expectations offered interesting insights – after all, these expectations, for better or worse, establish the guardrails for acceptable regulatory policy and corporate behavior.

Researcher Princeton University Ph.D. candidate Noah Apthorpe advocated a high default level of privacy that would not require consumers to understand technical matters. His conclusions seemed a logical extension of the findings of Consumer Reports' Policy Counsel Katie McInnis that consumers simply did not understand how they were being tracked. Other researchers advocated for robust enforcement that draws on tech-world experts to ensure that regulation succeeds.

During the first session on privacy, Consumer Reports' Consumer Privacy and Technology Policy Director Justin Brookman argued that the GDPR was not being enforced and was failing to significantly change the behavior of companies. Christine Utz, research assistant and Ph.D. student at Ruhr-University Bochum, concurred, noting that the actual amount of data being processed by companies online did not decrease in the wake of the GDPR's launch.

So, PrivacyCon is a worthy event that offers interesting, if controversial, insights.

And maybe Iron Butterfly will finally show up and play a set.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.