12:00 - 1:00 PM Keynote Q&A Session withAshkan Soltani Ashkan Soltani, Technology Expert at Soltani LLC will have a candid conversation and Q&A with the Roundtable Moderator. 1:00 PM Quick Break
1:10 - 2:20 PM Discussion Session: A New Chapter in Federal Privacy Law With the CCPA and CPRA and new privacy laws working their way through several state legislatures, there has been a renewed call for a comprehensive federal privacy law. There has been a notable shift in industry toward embracing the need for such a law. Several bills have been proposed in Congress. The climate has never been so favorable toward a federal privacy law as it is now. Significant hurdles still remain: private right of action, the right to erasure, the powers of the FTC or other enforcement agency, preemption, and more. In this session, we will discuss these issues.
3:20 - 4:30 PM Discussion Session: The CPRA and Privacy in California: What’s Next? In 2018, California enacted the California Consumer Privacy Act (CCPA), a powerful law that has had quite an impact on many multinational companies. In 2020, a referendum passed – the California Consumer Rights Act (CPRA) – which significantly strengthens and expands the CCPA. There will be new privacy enforcement agency in California, fortified with a big budget and significant resources. The full implications of the CPRA remain uncertain. What are the greatest challenges in complying with the CPRA? How will the CPRA be enforced? What must companies do to prepare for the CPRA? What are the most impactful changes that the CPRA makes to the CCPA?
*all times noted are in Eastern Standard Time
Wednesday, February 24, 2021
WEDNESDAY, FEBRUARY 24, 2021
1:00 - 2:00 PM Keynote Q&A Session Wojciech Wiewiórowski, Supervisor, European Data Protection Supervisor, will have a candid conversation and Q&A with the Roundtable Moderator. 2:00 PM Quick Break
2:10 - 2:50 PM Networking Session - Hosted by OneTrust
2:50 PM Quick Break
3:00 - 4:10 PM Discussion Session: EU Privacy and Cross-Border Transfers in a Post Schrems II World In 2020, the European Court of Justice (CJEU) issued its decision in the Schrems II case that invalidated the EU-US Privacy Shield, a framework for cross-border data transfer from the EU to the US, that was relied upon by thousands of companies. In addition, the CJEU called into question whether data could be transferred to the US via other means – the standard contractual clauses and binding corporate rules. Data transfer to the US is currently under a cloud of uncertainty. In this session, we will discuss the various approaches to data transfer in the wake of Schrems II. Can a new revamped Privacy Shield be developed? Is there a way to make data transfers via the standard contractual clauses or binding corporate rules work? Can the derogations under the GDPR Article 49 work?