On 13 May 2021, the Office of the Privacy Commissioner for Bermuda and the Bermuda KnowledgeNet Chapter of the International Association of Privacy Professionals will hold an educational webinar discussion about Privacy by Design (PbD) featuring the creator of the PbD principles, Dr. Ann Cavoukian, former privacy commissioner for Ontario.
A special thank-you to Bermuda's local KnowledgeNet Chapter Chairs who coordinated the event:
Ciara Brady, Senior Associate, Kennedys Law
Cheryl Mapp, General Counsel, Head of Compliance & Regulatory Affairs, HLB Bermuda Advisory & Accounting Ltd.
Gretchen Tucker, Senior Governance and Privacy Attorney, BeesMont Law Limited
Nancy Volesky, CIPP/US, Privacy and Cybersecurity Consultant, Gateway Systems Limited
If you are interested in learning more about the local chapter, visit its LinkedIn page or the IAPP's listing of chapters.
Event Details:
"Privacy by Design: More relevant today than ever"
13 May 2021, 5:30-6:30pm AT (4:30-5:30pm ET)
To register, follow this link to the IAPP's form.
About Dr. Ann Cavoukian and Privacy by Design (PbD):
Dr. Cavoukian is recognized as one of the world’s leading privacy experts. She served an unprecedented three terms as the Information & Privacy Commissioner of Ontario, Canada, where she created Privacy by Design, a framework that seeks to proactively embed privacy into the design specifications of information technologies, networked infrastructure and business practices, thereby achieving the strongest protection possible. In 2010, international privacy regulators unanimously passed a Resolution recognizing Privacy by Design as an international standard. Since then, PbD has been translated into 40 languages, and in 2018 PbD was included in the EU's General Data Protection Regulation.
Dr. Cavoukian is now the Executive Director of the Global Privacy & Security by Design Centre. She is also a Senior Fellow of the Ted Rogers Leadership Centre at Ryerson University, and a Faculty Fellow of the Center for Law, Science & Innovation at the Sandra Day O’Connor College of Law at Arizona State University.
Dr. Cavoukian is the author of two books, “The Privacy Payoff: How Successful Businesses Build Customer Trust” with Tyler Hamilton, and “Who Knows: Safeguarding Your Privacy in a Networked World” with Don Tapscott. She has received numerous awards recognizing her leadership in privacy, including being named as one of the Top 25 Women of Influence in Canada, named as one of the Top 10 Women in Data Security and Privacy, and named as one of the ‘Power 50’ by Canadian Business. She was awarded the Meritorious Service Medal by the Governor General of Canada for her outstanding work on creating Privacy by Design and taking it global (May, 2017), named as one of the 50 Most Impactful Smart Cities Leaders (November, 2017), named among the Top Women in Tech (December, 2017), was awarded the Toastmasters Communication and Leadership Award (April, 2018), recognized among the Top 100 Identity Influencers (February, 2019), named among the Top 18 Global AI Influencers within the AI & Tech Space (February, 2019), and most recently was awarded the 2020 Canadian Women in Cybersecurity Lifetime Achievement Award In Recognition of Her Outstanding Contributions to Cybersecurity and Privacy in Ontario (March 2020).
To reach out to the Office of the Privacy Commissioner, please visit our Contact Us page.
Press Background:
Rights and responsibilities relating to data privacy are set out in the Personal Information Protection Act 2016 (PIPA). Bermuda's PIPA received Royal Assent on 27 July 2016. Sections relating to the appointment of the Privacy Commissioner were enacted on 2 December 2016, including the creation of the Office as well as those duties and powers relevant to its operation in the period leading up to the implementation of the whole Act. The Commissioner works to facilitate the advancement of consequential amendments to other Acts in order to harmonise them with PIPA.
The Office of the Privacy Commissioner for Bermuda (PrivCom) is an independent supervisory authority established in accordance with the Personal Information Protection Act 2016 (PIPA).
The mandate of the Privacy Commissioner is to regulate the use of personal information by organisations in a manner which recognizes both the need to protect the rights of individuals in relation to their personal information and the need for organisations to use personal information for legitimate purposes, among other duties.
The Privacy Commissioner's powers and responsibilities include monitoring the processing of personal information by both private- and public-sector organisations, investigating compliance with PIPA, issue guidance and recommendations, liaise with other enforcement agencies, and advise on policies and legislation that affect privacy. PrivCom also works to raise awareness and educate the public about privacy risks, and to protect people’s rights and freedoms when their personal data is used. The general powers of the Privacy Commissioner are outlined in Article 29 of PIPA.
Alexander White (Privacy Commissioner) was appointed by Excellency the Governor, after consultation with the Premier and Opposition Leader, to take office on 20 January 2020.
Privacy is the right of an individual to be left alone and in control of information about oneself. In addition to the protections in PIPA, the right to privacy or private life is enshrined in the United Nations' Universal Declaration of Human Rights (Article 12) and the European Convention of Human Rights (Article 8).
"Personal information" or data is a defined term in PIPA that means any information about an identified or identifiable individual. Examples include names, dates of birth, photographs, video footage, email addresses and telephone numbers. "Sensitive personal information" is a defined term in PIPA that includes information relating to such aspects as place of origin, race, colour, sex, sexual life, health, disabilities, religious beliefs, and biometric and genetic information. (Note: This is not a complete list.)
"Use" of personal information is a defined term in PIPA that means "carrying out any operation on personal information, including collecting, obtaining, recording, holding, storing, organising, adapting, altering, retrieving, transferring, consulting, disclosing, disseminating or otherwise making available, combining, blocking, erasing or destroying it."
About Privacy by Design: For more on this concept and principles, see this blog post.