From GDPR to CCPA

Lessons for Israeli Companies and Practitioners

From GDPR to CCPA

Workshop | Free | English

Monday, June 24th, 2019

08:30-15:30

Tel Aviv University - Naftali Building(Room 001)

About

Merely a year after the entry into force of the General Data Protection Regulation (GDPR), companies and privacy practitioners are already in the midst of the next major compliance project, preparing to implement California’s new Consumer Privacy Act (CCPA). In this training session, experts explain the similarities and differences between GDPR and CCPA, helping participants prepare their organizations to comply with both. Special focus will be placed on the challenges for Israeli companies, which often need to implement both US and EU laws in addition to local privacy and data security regulations. Topics will include scope of application; definitions; notice requirements; individual rights; incident response; and more.

 

 

Agenda

08:30-09:00

Gathering & Registration

09:00-09:05

Introduction

Moderator - Limor Shmerling Magazanik , Managing Director , Israel Tech Policy Institute

Prof. Kenneth A. Bamberger , The Rosalinde and Arthur Gilbert Foundation Professor of Law , University of California, Berkeley

09:05-09:20

Keynote Lecture

Prof. Chris Jay Hoofnagle , Adjunct Professor , School of Information and School of Law, University of California, Berkeley

Passed unanimously within 72 hours in the California legislature, the Consumer Privacy Act (CCPA) is a striking legislative achievement for privacy advocates. Initially conceived as a ballot initiative brought to the voter via a referendum, CCPA has now completely transformed the legislative agenda not just in California but also in Washington, DC. One of the closest advisors to the group that sponsored the ballot initiative, Professor Chris Hoofnagle discusses the past, present and future of the CCPA.

09:20-12:00

From GDPR to CCPA

Boris Segalis , Partner , Cooley

Cédric Burton , Partner & Co-chair , Wilson Sonsini Goodrich & Rosati, LLP

Gabriela Zanfir-Fortuna , Policy Counsel , Future of Privacy Forum

Less than a year after the entry into force of the European General Data Protection Regulation (GDPR), companies around the world are already beginning work to comply with a new law, CCPA. Who should be concerned about CCPA implementation? What are the main similarities and differences between GDPR and CCPA? If you’ve applied GDPR, what should you do to also prepare your business or clients for CCPA? In this session, three of the leading experts on European and US data protection laws provide training on the laws’ scope of application; accountability requirements; individual rights; data breach provisions; vendor management; enforcement mechanisms; and strategies for multi jurisdictional compliance.

12:00-13:00

Networking Lunch

13:00-14:00

Lessons Learned

Anna Pouliou , Head of Privacy , Chanel

Lindsey Finch , Executive Vice President, Global Privacy and Product Legal , Salesforce

Alisa Bergman , Chief Privacy Officer , Adobe

How to best respond to a complex web of regulations when managing global data flows? In this session, three of the leading Chief Privacy Officers (CPOs) in the world discuss how their companies implemented GDPR and are preparing for CCPA as well as additional potential state and federal legislation in the US and around the world. What does a global privacy program look like on the ground? How are data flows accounted for and managed? How is risk mitigated when dealing with hundreds or even thousands of vendors? What are the strategies for handling individual complaints and regulatory requests?

14:00-14:15

CNIL Enforcement update

Sandra Azria , Lawyer , Azria Avocats

One of the leading data protection authorities in the world, the French Commission nationale de l'informatique et des libertés (CNIL) is known for imposing the first ever 50 million euro fine as well as for its leadership on policy and technology. In this update, Adv. Azaria discusses the experience with CNIL enforcement one year into the application of GDPR.

14:15-15:30

Blue and White GDPR: The Israel Experience

Adv. Nir Gerson , Senior Counsel (Law & Technology) and Deputy Head of the Legal and Regulation Department , Israeli Privacy Protection Authority

Pini Azaria , Adv. , Pini Azaria Law Offices

How do laws like GDPR and CCPA affect Israeli companies? As a country deemed “adequate” under the EU Data Protection Directive, Israel enjoys special status with the EU, while also having deep economic, diplomatic and cultural links with the US. How should Israeli companies that operate globally prepare for new regulatory initiatives around the world? What has the experience been with implementation of Israel’s 2017 data security regulations? Has the Israeli privacy regulator seen increased activity with other privacy authorities in the EU? This session convenes leading local practitioners to explain the local market’s reaction to the new data protection ecosystem.

In Association With

GDPR A2Z