This morning at #infocon #arma2020 our keynote was the amazing @AnnCavoukian talking about privacy, an essential characteristic of freedom.

There were funny stories, scary stories, and hopeful stories. If you're attending the conference, be sure to check it out!

Most privacy breaches are undetected, unchallenged, unregulated... and unknown. As a sole model, regulatory compliance fails. This is where privacy of design, and its 7 foundational principles, comes in: https://www.ipc.on.ca/wp-content/uploads/resources/7foundationalprinciples.pdf

It's not too much of a stretch that if you've mastered Privacy by Design, you've mastered the GDPR. The fact that PbD was designed in by a , it's heartbreaking we're not compliant with the GDPR in our legislation.

This means, as RIM professionals in our respective communications, that it's on us to be proactive and banish zero-sum models for positive sum models! PbD Certfication can build trust organizations, a trait for which there is a major deficit these days.

@AnnCavoukian and @KPMG are partnering to deliver the Privacy by Design certification https://assets.kpmg/content/dam/kpmg/ca/pdf/2020/06/privacy-by-design.pdf

We're seeing a lot of examples of overcollection (e.g., Cadillac Fairview: https://www.priv.gc.ca/en/opc-news/news-and-announcements/2020/nr-c_201029/) and intimidating new technology (e.g., facial recognition: https://www.wsj.com/articles/are-you-ready-for-facial-recognition-at-the-airport-11565775008#:~:text=Facial%20recognition%20is%20rolling%20out,by%20the%20end%20of%202019.)

But with every action, there's a equal and opposite reaction: initiatives like D-ID and and Apple-Google's Exposure Notification API (which formed the basis of the COVID Alert App) are demonstrating how privacy can be built-in.

So focus on prevention and on Privacy by Design, not Privacy by Disaster!