Privacy and data protection is the number one issue businesses around the world are facing. Personal privacy is at the forefront of information sharing and social media requirements. For the past 20 years, the Privacy and Security Conference has been the number one conference on the issues of privacy and security globally.
Presented by the Offices of the CIO and Corporate Information and Records Management, Ministry of Citizens’ Services, Province of British Columbia, this three-day conference attracts over 1100 delegates and 100 international subject matter experts. It provides essential education, training and opportunities for CPD credits for individuals who are responsible for the transformation of the public and private sector into the new digital economy.
Reasons to Attend
- Timely, motivational presentations from leading industry experts
- Learn about current trends, issues and actions
- Valuable CPD credits to maintain a variety of qualifications essential for your career
- Unparalled networking opportunities
- Informative 3-hour pre-conference educational sessions and many interesting panel sessions
- Get immediate answers and solutions to issues current in your organization
|Early Bird registration by December 13, 2019||Regular registration after December 13, 2019|
|Public Sector||$750.00 CAD (plus GST)||$925.00 CAD (plus GST)|
|Private Sector||$850.00 CAD (plus GST)||$1,250.00 CAD (plus GST)|
*We are pleased to offer our Alumni program, providing a special rate to past attendees. Delegates who have attended this conference before will receive the special public sector price of $675 or private sector price of $795 when they register on or before September 27, 2019. Please contact us for the promo code if you did not receive it by email.
Registration Fees Include
- 2 plated lunches
- All coffee breaks
- All keynotes, plenaries, panel sessions and applied sessions
- Pre-conference educational sessions
- Access to networking lounges
- Networking reception Thursday evening
- Conference notebook
- Conference materials
- On-line access to presentations post-event
Stay connected and engaged in the conversation leading up to and during the conference by following along on Twitter. Use the event hashtag to follow others who are already posting, and include it in your tweets to add to the existing discussions. The hashtag for this year’s conference is #PrivSecYYJ and our twitter handle is @Reboot_Comm. We would appreciate you sharing your voice with our other followers.
Victoria Conference Centre
There’s nowhere in the world like Victoria. It’s small yet sophisticated; a technology leader and an historic capital city; a vibrant business community yet surrounded by nature. At its heart is the Victoria Conference Centre – an exceptional experience for delegates and world-class support for planners.
Victoria Conference Centre
720 Douglas Street
Wednesday, February 5, 2020
Registration Desk Opens
9:00am - 12:00pm • Theatre
BC Ministry of Citizens’ Services – Information Security Branch presents: Privacy and Security in the Cloud
9:00am - 12:00pm • Colwood Room
The Ethics of Research Privacy Workshop
This session will explore an approach to privacy grounded in applied ethics principles and concepts. Attendees will have the opportunity to work through a series of real-life case studies in the research domain guided by ethics tools. The goal of this session is to empower attendees to use “all things considered” holistic judgements concerning privacy.
9:00am - 12:00pm • Sidney Room
BC Ministry of Citizens’ Services – Information Security Branch presents: How to be a Ministry Information Security Officer (MISO)
The role of a Ministry Information Security Officer is key to a successful security program and empowering that MISO with clear role definition ensures success. But what does it mean to be a MISO? This workshop will walk through the roles and responsibilities of this type of position and provide tips on how to establish a security culture within your organization.
This workshop is useful for those currently in the role who want to sharpen their skills or those who aspire to be future MISOs and want to learn more about the role. We’ll offer some practical tips along with insight into how MISOs fit into an organization’s overall security program.
This session will address topics such as:
• What is a security program?
• SOARs, security breaches, training and contracts
• Program measurements
• Influencing a positive security environment
Join us for an informative discussion on this critical security position to any organization.
1:00pm - 4:00pm • Oak Bay Room
BC Ministry of Citizens’ Services – Information Security Branch presents: DevSecOps – The New Zero Trust Security Model for BC Government Applications
Are you wanting to know how you can make your application secure - right from the start – and then for every line of code? Find out how the Developers Exchange has designed a zero-trust environment, integrating leading edge security tools into the BC Government’s Openshift Platform. We will have demonstrations of live pilot ministry applications using the new security environment. Bring your toughest questions and concerns and the team will work through them with you.
1:00pm - 4:00pm • Sidney Room
BC Ministry of Citizens’ Services – Information Security Branch presents: Cybersecurity Awareness: The need of changing the culture to match living in digital world
This seminar provides an opportunity to explore in depth the difficulties of cybersecurity awareness programs. Recognizing that the weakest link of cybersecurity is the individual’s digital habits and behaviors we will look at some of the cultural attitudes that stay in the way of adopting new cybersecurity-aware habits. Through a number of practical activities and games we will address the practical ethics issues related to cybersecurity. We will test several game based decision-making techniques and guides that can be immediately implemented in your work place. Understanding the boundaries of privacy and anonymity helps us navigate and manage the risks we are exposed to from malicious players. In bringing theory and practice together for discussion, the audience will learn about real life experiences and key factors for achieving successful transition to a culture of ethically responsible digital citizen.
After attending this workshop, participants will be able to:
• Understand the digital landscape and the role individuals play in creating secure future.
• Realize that many of the problems in respect of secure digital future are related to the culture of unexplored ethical decision-making process.
• Use a practical and simple guide for ethical decision-making.
• Know what to expect from malicious players and recognize when targeted.
• Identify how and why an individual’s security may be in danger of being compromised.
• Understand the essential difference between privacy and anonymity.
• Plan for managing personal digital footprint and adjust behavior respecting the realities of cyber-connected world.
• Understand the different professional perspectives on cybersecurity training.
• Use new methods in delivering cybersecurity awareness programs.
• See in action a variety of methods to improve the quality of cybersecurity training in their organizations.
Thursday, February 6, 2020
Registration & Networking Lounge Open
8:20am - 8:30am • Carson Hall (Salon ABC)
8:30am - 8:45am • Carson Hall (Salon ABC)
9:25am - 10:00am • Carson Hall (Salon ABC)
10:00am - 10:15am • Upper & Lower Foyers
10:15am - 10:45am • Salon A
Concurrent Keynote Address by F5 Networks
10:15am - 10:45am • Salon B
Concurrent Keynote Address
10:15am - 10:45am • Theatre
Concurrent Keynote Address
10:50am - 12:05pm • Salon A
Concurrent Panel Session - Panel A: Artificial Intelligence (AI) is Changing the World, Are We Ready for It?
Two-thirds of global businesses said AI technologies are important for their success. 70% of Canadian businesses have not even begun their AI planning. Canada’s early adopters are struggling to scale their pilots. AI promises efficiency and savings, as well as opportunities to eliminate repetitive tasks, reduce human error, and increase productivity. Business and policy leaders across Canada will engage to claim a leadership position in AI.
AI has the potential to be the catalyst for an era of unprecedented innovation, progress, and prosperity. Yet Canadians do not understand AI or see how its benefits outweigh the risks. Major concerns about AI’s impact on privacy, security, bias, consumer protection and more – and Canadians are looking to business and government leaders to provide answers and solutions to those questions. Left unaddressed, this lack of trust could have a serious impact on Canada’s future prosperity.
10:50am - 12:05pm • Salon B
Concurrent Panel Session - Panel B: Big Data DNA Data Storage -Bioethics, Personalized Medicine and Genomics
The rise of DNA data has experts concerned about protecting consumers personal privacy and how policy makers should think about DNA in the future. We have protected genetic information individually rather than using general privacy laws Genetic data can have multiple uses.
10:50am - 12:05pm • Theatre
Concurrent Panel Session - Panel C: Regulating Content on the Internet
The British Government will outline how internet regulations will reduce “online harms” encompassing any company that allow people to share or discover user-generated content or interact with each other online. Terrorist material, child abuse, trolling and disinformation are included in the regulations. Is the door open on censorship of the internet?
Moderating content on the internet has been a losing game of whack-a-mole. Tech platforms are responsible for both copyright and terrorist, abuse related material. Taking down objectionable content ignores the question of how it got there.
Britain’s approach is to require companies to design their services in a way that makes is harder for bad content to spread. Impose statutory “duty of care” and companies must take reasonable steps to keep their uses safe and tackle illegal and harmful activities on their service. The government will set up a new regulator whose mandate will be to publish guidelines for companies, oversee complaints, encourage co-operation between firms and issuing fines as well as other harsher penalties such as blocking websites or holding senior managers responsible. Maintaining national security and protecting the vulnerable must be balanced against individual’s liability.
10:50am - 12:05pm • Salon C
Concurrent Panel Session - Panel D: Digital Assistance- Alexa can handle patient information what does that mean for privacy?
Voice enabled devices will allow customers to access personalized medical information, like medical diagnoses, pharmaceutical prescriptions and software that reads medical records. In the future customers will book medical appointments, access hospital post-discharge instructions and check on perscription delivery. The area of health records is famously contentious though a push to digitize medical records leads to fragmented paper trails filled with gaps. Doctors are ftustrated with with the entire process and various softward systems for health records lead to burnout. Health privacy laws ensures that health information can only be shared between patients and those in the healh care system like doctors and hospitals. Can these new devices remain privacy complant as we transform the $3.5 Trillion health system.
12:05pm - 1:20pm • Crystal Ballroom
1:20pm - 1:55pm • Carson Hall (Salon ABC)
Keynote Address - Title Sponsor
2:05pm - 2:35pm • Theatre
Applied Session by Replica Analytics: Accelerating AI with Synthetic Data
Data synthesis is a method for generating non-personal information that has the same statistical properties as real data. The basic concept is that a model is built to characterize the original data, and then synthetic data is generated from that model. Recent advances in statistical machine learning and deep learning mean that these models can capture many of the subtle characteristics of the original data, resulting in high utility data. However, if the synthesis model is overfit to the original data then the same values are replicated, and we may potentially have a privacy problem. Therefore, data synthesis is a balance between data utility and data privacy.
In addition to enabling access to data for AI and machine learning projects (which is becoming an increasingly challenging problem), common use cases for synthetic data include technology evaluation, open data, competitions and challenges, and software testing.
This presentation will provide a broad overview of data synthesis, focusing on structured data. We will examine methods to generate synthetic data, how to evaluate data utility, how to evaluate identity disclosure risks with synthetic data, and the results of a legal analysis to assess how various privacy regulations treat synthetic data (namely the GDPR, CCPA, and HIPAA). Healthcare examples will be used where relevant to illustrate the key points, although the basic principles and methods apply to other types of data.
2:05pm - 2:35pm • Oak Bay II Room
Applied Session: Privacy and the Public Health-Scape: Lessons Learned from the Trenches
Public health is more than hand washing campaigns and promoting condom use -- it is at the forefront of big health data analysis, and is leading the way in healthcare data integration to address significant issues impacting British Columbia, from the current opioid overdose crisis to chronic disease. Achieving success in these areas is increasingly tied to robust data governance and stewardship frameworks, breaking down data silos and ultimately supporting broader access to data itself. What remains critical in all of this is privacy: a key facet underpinning data partnerships and data acquisition, and a central component to the BCCDC’s “trust management” model. This presentation will shed light on the role of privacy in today’s public health landscape, provide key lessons learned from on-the-ground operations, and identify some of the emerging challenges in an increasingly data-driven health space.
2:05pm - 2:35pm • Saanich Room
Applied Session: Why Can't We Make Secure Software?
A lot is expected of software developers these days; they are expected to be experts in everything despite very little training. Throw in the IT security team (often with little-to-no knowledge of how to build software) telling developers what to do and how to do it, and the situation becomes strained. This silo-filled, tension-laced situation, coupled with short deadlines and pressure from management, often leads to stress, anxiety and less-than-ideal reactions from developers and security people alike.
This talk will explain how job insecurities can be brought out by IT leadership decisions, and how this can lead to real-life vulnerabilities in software. This is not a talk about “feelings”, this is a talk about creating programs, governance and policies that ensure security throughout the entire SDLC.
No more laying blame and pointing fingers, it’s time to put our egos aside and focus on building high-quality software that is secure. The cause and effect of insecurities and other behavioral influencers, as well as several detailed and specific solutions will be presented that can be implemented at your own place of work, immediately. No more ambiguity or uncertainty from now on, only crystal-clear expectations.
2:35pm - 2:50pm • Upper & Lower Foyers
2:50pm- 4:05pm • Salon A
Concurrent Panel Session - Panel A: Federal Oversight: Protecting the Security of Canadians and Safeguarding Their Rights
The National Security and Intelligence Review Agency is the watchdog for overseeing national-security activities. Created under an omnibus national-security bill it will oversee the government’s security decisions while ensuring that authorities don’t infringe on the rights and freedoms of Canadians. Protecting the security of Canadians and safeguarding their rights are equally important parts of the agency’s mandate. Advising the Government on the extent to which (federal) agencies are properly and reasonably using the powers that have been granted. Has the bill given federal agencies power to collect and share too much information on Canadians? How will the agencies use its new powers to be the eyes and ears of Canadians and give them more confidence in our Federal agencies related to security in the future?
2:50pm- 4:05pm • Salon C
Concurrent Panel Session - Panel C: Does Canada Need a National Data Strategy?
Globalization and rapid technological development have fundamentally shifted the basic drivers of economic growth from the knowledge-based economy driven by intellectual property to the data-driven economy driven by data. The most valuable companies in the world are data companies. This new economy presents new challenges but also opportunities for Canadian businesses, individuals and policy-makers.
Canada’s data strategy to ensure that Canadians own the data they produce, and that governments and businesses are well-positioned to use it to grow our economy, protect privacy, promote the public interest and assert our sovereignty.
2:50pm- 4:05pm • Theatre
Concurrent Panel Session - Panel D: Internet of Things- Chips with Everything- Will IoT do for information what electricity did for energy?
A revolution estimated that by 2035 the world will have a “trillion” connected computers built into to everything we do as a consumer in the new digital world. In the long term the most conspicuous effects of the IOT will be in how the world works. The second phase of the internet that will carry business models that dominate the internet all conquering platform monopolies or date driven approaches that critics and privacy advocates call “surveillance capitalism” IOT promises huge benefits and will mature in an age that has become skeptical about where a connected, computerized future will be but will have to earn the trust of its users for a successful future. The panel will discuss ownership, data, surveillance, competition and a playground for hackers in this new connected world.
5:00pm - 5:45pm • Upper Foyer
Reception open to all delegates
Friday, February 7, 2020
Registration & Networking Lounge Open
9:40am - 10:10am • Carson Hall (Salon ABC)
10:10am - 10:25am • Upper & Lower Foyers
10:25am - 10:55am • Salon A
Concurrent Keynote Address
10:25am - 10:55am • Salon B
Concurrent Keynote Address
10:25am - 10:55am • Theatre
Concurrent Keynote Address
11:00am - 12:15pm • Salon A
Concurrent Panel Session - Panel A: Voter Analytics and Micro-Targeting: Reflections on the 2019 Federal Election
The use of personal data in contemporary elections is now a matter of global importance and controversy. There are a range of issues: the appropriate use of voter analytics; the democratic responsibilities of powerful social media platforms; the accountability and transparency for targeted political ads; cyberthreats to the integrity of electoral procedures; and the spread of misinformation and “fake news” through malicious actors and automated bots.
This panel involves representatives from some major companies that were employed by political parties and candidates to discuss these pressing issues, and to reflect on the lessons of the 2019 federal election campaign.
What is the appropriate role for data analytics in modern democratic elections? Did micro-targeting occur in 2019, and was it effective? Was there evidence of malicious interference? What was the experience of the new ad transparency rules? And what should be the privacy rules for political parties and candidates?
11:00am - 12:15pm • Salon B
Concurrent Panel Session - Panel B: Smart Cities: The New Modernization Strategy Banking on “Your Data”
The future modernization plans for cities to develop policies and the general digital transformation is on everyone’s agenda. Leveraging smart technology and innovation to engage residents and solve some of our city’s most pressing issues is at stake. A well-connected, sustainable city where people work live and thrive in the new digital future is at stake.
The goal to transform cities into a modern, global city at the leading edge of innovation and technology with the creation of labs to test new tech in real-life, solve local innovation challenges and to bridge the gap between those that have access to technology and those who don’t is the plan.
Digital hubs to provide networking, connections to services, training, and tools in the mobile workplace, connected parks, free WiFi and main streets. Inter-modal transportation options bikes, cars, electronic vehicles, and automated traffic management systems are the benefits.
Portals that connect the digital ecosystem with access to services and information and open data, GIS, and other smart city technology will be central to the success of smart cities?
So what is the cost? Your data and your privacy, are we ready to address these challenges?
11:00am - 12:15pm • Theatre
Concurrent Panel Session - Panel C: Trusted Data - How Innovation is Promoting Data Sharing and AI
Governments seeking to foster growth in their digital economies need to be more active in encouraging safe data sharing between organizations. Tolerating the sharing of data and stepping in only where security breaches occur is no longer enough. Sharing data across different organizations enables the whole ecosystem to grow and can be a unique source of competitive advantage. But businesses need guidelines and support in how to do this effectively. Concerns with data sharing: how to formulate an overall data-sharing strategy, legal and regulatory considerations, technical and organizational considerations, and the actual operationalizing of data sharing.
12:15pm - 1:30pm • Crystal Ballroom
1:40pm - 2:10pm • Salon C
Applied Session: Implementing COBIT process governance at the BC Social Sector: A Case Study
Process binds people with machines, delivering business value such as information security. Join John Zimmermann, security architect for the BC Government Social Sector, to learn lessons they experienced while rolling out a governance framework to track the effectiveness of their information management processes. From inception to delivery, you’ll discover the challenges and opportunities encountered while adopting COBIT 5 as an ongoing transformational vehicle for their organization.
1:40pm - 2:10pm • Saanich Room
Applied Session: “Mind the Gap” – Future-Proofing your Privacy Program
Artificial Intelligence, Big Data, Internet of Things and other data and technology developments and trends are timely and relevant. Building in privacy by design and privacy by default are important; but will not enable you to anticipate every risk or prevent every privacy incident. And implementation of these strategies and technologies will only amplify your potential points of privacy failure.
The effectiveness of your holistic privacy program is still of paramount importance: if an incident is never identified or reported, if it gets lost in the gap, then you cannot effectively manage your risk. How can you future-proof your privacy program so it can be effective regardless of new data and technology trends and cyber risks?
This session will help you identify how to effectively future-proof your privacy program, with interactive discussion on the following topics:
- How to define the “gap”
- War stories demonstrating the gap (i.e., example incidents that aren’t covered by the media)
- How to identify and address the drivers of the gap in your organization
- Core elements of a holistic, integrated and effective Privacy Program
- Practical tips on future-proofing your privacy program by minimizing your gap and potential points of failure
1:40pm - 2:10pm • Oak Bay 1 Room
Applied Session: Deepfakes: What Can We Trust?
A deepfake is a video made portraying a person that is computer generated. They can be manipulated to say anything and interact with others. In the more malicious cases, celebrities have been targeted and inserted into adult films. They are getting more convincing and will soon be indiscernible from authentic video.
Deepfakes are currently a novelty and an amusement that is approaching a quality where widespread deceit could easily happen. It is estimated that in early 2020, the technology will be available for general users to perform a deepfake. When this happens, a user would be able to insert an image and apply it to someone in a video. We have already seen this with an app called Zao in China that will add the app user into a short clip of a movie. Knowing who to trust in the coming age will be hard when so called fake news can be delivered by trusted personas.
There are technologies to detect and prevent deepfakes. There are traces of tampering left when deepfake algorithms run. While this can be detected, it will only help in forensics. There will be very few methods that will be accessible to the public.
In this applied session, we will look at different examples of deepfakes and what is being done to detect them. It is possible to animate someone from a picture. Machine Learning (ML) can restore clarity to a blurry picture, then overlay that onto a video. With as little as 5 seconds of audio, a voice can be recreated and say anything that the manipulator desires. If a few of these technologies are combined, even a target with limited social exposure could be easily faked.
DeepFakes and Faceswapping has ethical issues. There are those in the AI community that are fighting to ensure that a zero-tolerance approach to the inappropriate use of these technologies. Should these technologies be open? They haven’t caused much harm.
1:40pm - 2:10pm • Oak Bay II Room
Applied Session: Enhancing Your Cybersecurity Culture with a Cybersecurity Ambassador Program
More and more the human factor is being recognised as a key component of an overall cybersecurity strategy. Technology alone will not solve our cybersecurity issues - we have to ensure that our people are aware and taking the appropriate action when confronted with phishing, social engineering, etc. Traditional cybersecurity awareness training - watch the videos, click the complete box - while part of baseline training, will fall short of expectations. What's needed is a change in the organisation's culture; good cybersecurity practices need to be viewed as a valued component of that culture. "Champions" or " Ambassador" programs are an effective way of creating and maintaining this culture change.
In this session Don will review the Security Awareness Maturity Model and why culture is an important part of a cybersecurity awareness program. He will then discuss the concept of an Ambassador program and how it can influence organisational culture. Finally, Don will get into the practical side of implementing and running an Ambassador program based on his experiences at Royal Roads University.
1:40pm - 2:10pm • Esquimalt Room
Applied Session: Privacy and Security of Electronic Records: Some Ethical Considerations
2:10pm - 2:25pm • Upper & Lower Foyers
2:25pm - 3:40pm • Salon B
Concurrent Panel Session - Panel B: Privacy in Public Safety in Vulnerable Populations
2:25pm - 3:40pm • Theatre
Concurrent Panel Session - Panel C: Public Cloud Computing: Is the Future of Privacy in the Cloud?
Gartner defines public cloud computing as a style of computing where scalable and elastic IT-enabled capabilities are provided as a service to external customers using Internet technologies—i.e., public cloud computing uses cloud computing technologies to support customers that are external to the provider’s organization. Using public cloud services generates the types of economies of scale and sharing of resources that can reduce costs and increase choices of technologies. From a government organization’s perspective, using public cloud services implies that any organization (in any industry sector and jurisdiction) can use the same services (e.g., infrastructure, platform or software), without guarantees about where data would be located and stored.
2:25pm - 3:40pm • Salon C
Concurrent Panel Session - Panel D: So Canada Needs New Privacy Law Fit for 2030 – What Does That Truly Mean?
Both major political parties had campaigns that signaled it is time for a new privacy law in Canada. We can all agree that the law should project individuals right to privacy and facilitate Canada’s digital future. But what does that actually mean when one puts pen to paper. This panel will begin the process of filling in the blanks.
3:50pm - 4:30pm • Carson Hall (Salon ABC)
Closing Keynote Address: Bringing Thinking and Technology Into Focus
4:30pm - 4:45pm • Carson Hall (Salon ABC)
Closing Remarks & Announcements
21st Annual Privacy and Security Conference is proudly sponsored by the following companies.
If you would like to sponsor this event, please download the Sponsorship Brochure for more information.
Conference Sponsors & Exhibitors
Hotel & Travel
Fairmont Empress Hotel Room Block
If you need to make accommodation arrangements, the Fairmont Empress is offering a special conference rate of $185/night for Corporate reservations and $159/night for Government reservations. Please note that this room block ends January 10, 2020.
Please contact the hotel directly at (250) 384-8111 to book a room or book online using the following links:
Government Reservations – https://book.passkey.com/go/psgovt2020
Corporate Reservations – https://book.passkey.com/go/privacyandsecurityconference
721 Government Street
It has been brought to our attention that individuals are contacting sponsors and speakers, citing the Reboot Privacy & Security Conference, to offer hotel reservation services. To be clear, these individuals are not in any way affiliated to our conference, and are not authorised to use the Reboot Communications name. No one should contact you directly to book your hotel room or to offer you a special discounted rate. If you receive one of these calls, it is a scam. They are not affiliated with Reboot Communications or the Privacy & Security Conference. Thank you to those who have alerted us to this matter. To book your room in a safe manner please follow the information on this page only.
YYJ Airport Shuttle Discount
If you are needing transportation from the Victoria International Airport to Downtown Victoria/Empress Hotel why not consider using the YYJ Airport Shuttle.
When booking the shuttle online or over the phone please use the promo code REBOOT20. This will give you 20% off tickets.
For more information please visit their website at www.yyjairportshuttle.com or call them at 1-855-351-4995.
Harbour Air Seaplanes Discount
Flying in from Vancouver or Seattle for the conference? Arrive in style in Victoria’s Inner Harbour with Harbour Air. Subject to availability, attendees will receive a 20% discount on their goFlex and goGold fares for confirmed travel to/from Victoria between February 3 and 9, 2020. Please note that all rates are subject to tax and fees. This offer cannot be combined with any other offers or promotions or be paid by Airbucks or TurboBucks and cannot be applied to private charters.
In order to receive this special discounted rate, attendees can contact the Reservation Department directly by phone at 1.800.665.0212, by e-mail at firstname.lastname@example.org or online at www.harbourair.com and quote the coupon code ‘P&SC02-20’. Also be advised that you will need to present a copy of your conference registration upon check-in.
All schedules and location information can be accessed through their website at www.harbourair.com.