Reflections on 2022’s IAPP Global Privacy Summit

By Taylor Ey

I could not help but compare and contrast this year’s trip to Washington, D.C., for the IAPP’s Global Privacy Summit to the last one I attended, which was in 2019.

The venue was the same (the Convention Center in Washington, D.C.), and being in the building felt, at times, like I had traveled back in time. But then I remembered I was in 2022 when I attended the sessions or met with privacy professionals during breaks in the programming.

This year, many of the sessions were focused on how we can lawfully transfer data from Europe to a third country instead of 2019’s focus on getting ready for the U.S.’s first comprehensive state privacy law, the California Consumer Protection Act (CCPA). In 2019, we were making predictions about CCPA and its enforcement. We have lived with the CCPA for two years now and have more to prepare for as we get ready for three new (perhaps four with Connecticut?) U.S. state privacy laws that will take effect in 2023. Plus, there are changes coming to California under the California Privacy Rights Act. New topics also emerged, including how to protect teens’ and kids’ data in the U.S. (is it through a self-regulatory framework, updates to the federal Children’s Online Privacy Protection Act, a new federal law, or a combination of all of these?).

As I met and spoke with privacy professionals from around the world, all of them seemed to agree that we have been quite busy keeping up with legal privacy developments since the last time we all convened together (not to mention shifts in public opinion and discourse around what privacy means and how it should be protected).

I will not try to predict the key topics for next year, but I think it is safe to say that technology continues to outpace legal frameworks. We have our work cut out for us as we all continue working through challenging legal and ethical problems around data collection and use, designing new technology to protect that data from unauthorized use, and effectuating individuals’ data rights.