The Sedona Conference Working Group 11 Meeting

Date: 
Thursday, June 20, 2019 - 8:30am to 12:00pm

Location:
The Langham
Hong Kong

A meeting of Working Group 11 will be held will be held on 20 June 2019, at The Langham in Hong Kong. The meeting’s main focus will be on new drafts and brainstorming group outlines in need of WG11 member review and comment, including the following topics:

  • Proactive privacy and security governance
  • U.S. judicial enforcement of orders entered under the EU General Data Protection Regulation (GDPR)
  • Model transparency: Core principles in artificial intelligence (AI) system design
  • Model data breach notification

An agenda and confirmed dialogue leaders can be found below.

Dialogue Leaders

Mylan

Warsaw, IN, USA

Dorsey & Whitney LLP

Minneapolis, MN, USA

NightOwl Discovery

San Francisco, CA, USA

Maynard Cooper & Gale

Birmingham, AL, USA

Winston & Strawn LLP

Houston, TX, USA

The Sylint Group

Sarasota, FL, USA

SafeGuard√Privacy

Purchase, NY, USA

Ernst & Young LLP Japan

Tokyo, Japan

Bennett Jones LLP

Toronto, ON, Canada

BakerHostetler

New York, NY, USA

Redgrave LLP

Chantilly, VA, USA

Arnold & Porter Kaye Scholer LLP

New York, NY, USA

Baker McKenzie

Washington, DC, USA

Proactive privacy and security governance: Complying with global data privacy and security regulations

Date: 
Thursday, June 20, 2019 - 8:40am to 9:30am
Panel Description: 

The panel will lead a dialogue with all members in attendance on the brainstorming group’s outline on the topic. In light of the ever-increasing number of privacy and data security laws being enacted and updated, including data localization laws, the brainstorming group has been exploring the complex decisions global companies face regarding privacy and data security compliance and considering approaches to global compliance, and whether work product on this topic – and in what form – would be useful to practitioners.

U.S. judicial enforcement of orders entered under the GDPR

Date: 
Thursday, June 20, 2019 - 9:30am to 10:15am
Panel Description: 

A panel of WG11 drafting team members and a leading jurist will lead a dialogue on a second draft of a Commentary which: (1) identifies and explains the legal principles a U.S. court would likely apply if asked to enforce an order entered under the GDPR by an EU court (or alternatively a Data Protection/Supervisory Authority (DPA) or the European Data Protection Board (EDPB)) against a U.S.-based company; and, (2) evaluates whether under those principles, a U.S. court would likely enforce various categories of orders that might be entered under the GDPR (e.g., injunctive orders, administrative actions, damage awards, penalty assessments).

Model transparency: Core principles in AI system design

Date: 
Thursday, June 20, 2019 - 10:30am to 11:15am
Panel Description: 

A panel will lead a dialogue with all members in attendance on a draft of a Commentary which will explore what it means to have an “explainable” AI system, leveraging existing guidance provided by global regulators and industry groups, and will set forth foundational design principles that should be incorporated into legal standards governing AI transparency. The Commentary will articulate what the law should require regarding what, how, and to whom to disclose as it pertains to AI-based systems that rely on personal information to make decisions.

Model data breach notification principles

Date: 
Thursday, June 20, 2019 - 11:15am to 12:00pm
Panel Description: 

A panel will lead a dialogue with all members in attendance on a draft of a Commentary with principles that is being developed to guide the development of data breach notification laws. Drawing upon best practices in data privacy and incident response, the Commentary and principles will describe how data breach notification laws should address different aspects of data breach notification, including what constitutes a notifiable breach, what methods of notification should be permissible, and whether there should be timelines for notification.