| Time | Session | Panelists |
| Monday, October 28, 2024 | ||
| 5:30 — 7:30 p.m. | Welcome Reception | |
| Tuesday, October 29, 2024 | ||
| 8:00 — 8:45 a.m. | Breakfast & Sign-in | |
| 8:45 — 9:00 a.m. | Welcome & Overview | |
| 9:00 — 10:15 a.m. | [Session 01] Commentary on Law Firm Data Security, Second Edition | |
| The panel of brainstorming group members will lead a dialogue on its outline regarding whether a second edition of the Commentary on Law Firm Data Security ("Commentary") is warranted because of the changes in law and technology, omissions in the original product, or newly developed needs for guidance. The original Commentary, published in 2020, includes a discussion of how organizations should communicate with outside counsel about their data security practices. The Commentary also includes model clauses for engagement letters as well as a sample questionnaire corporate clients could provdie to their law firms to assess data security readiness. | ||
| 10:15 — 11:15 a.m. | [Session 02] Potential AI Projects Update | |
| The panel will present, and lead a dialogue with WG11 membership in attendance regarding, the proposal of the current WG11 AI brainstorming group that a drafting team be formed to prepare a Commentary regarding certain statutory clarifications and/or interpretations that the brainstorming group believes are needed in order for the Colorado Privacy Act (Colo. Rev. Stat. §§1301 et seq.) and Colorado AI Law (Colo. Rev. Stat. §§1301 et seq.) to be read consistently with one another when a business is using AI in the hiring process. In addition, the panel will present and/or seek feedback from the WG11 membership regarding other AI-related privacy and/or data security legal issues that might be the basis for forming future WG11 AI brainstorming groups. | ||
| 11:15 — 11:30 a.m. | Morning Break | |
| 11:30 — 12:45 p.m. | [Session 03] Individual Liability for Data Security Failures | |
| The panel of brainstorming group members will lead a dialogue on its outline regarding whether it is useful to develop a Commentary identifying the legal basis for data security failures that could lead to individual liability (whether civil or criminal); whether the liability is unique to data security obligations or derived from general management or fiduciary responsibilities; differences in the application of the requirements (i.e., is accountability based upon specific knowledge, intent or negligence); and whether there should be guidelines to help individuals protect against such liability. | ||
| 12:45 — 2:00 p.m. | Lunch | |
| 2:00 — 3:15 p.m. | [Session 04] Town Hall | |
| WG11 Steering Committee members will lead a dialogue on progress made on the work product of WG11, and by WG11 as a whole. WG11 member input will be sought regarding the future direction of WG11, including ideas for existing and new commentaries and projects. | ||
| 3:15 — 3:30 p.m. | Afternoon Break | |
| 3:30 — 5:00 p.m. | [Session 05] Privacy and Data Security Regulator Roundtable | |
|
The panel of key U.S. privacy and data security regulators will participate in a roundtable discussion of their offices’ current priorities in the privacy and data security space. The discussion will encompass new legislative and rule-making initiatives in which the regulators’ offices are involved, as well as their offices’ current enforcement focal points and investigatory processes. |
||
| 5:00 — 7:00 p.m. | Reception (guests invited) | |
| Wednesday, October 30, 2024 | ||
| 8:00 — 9:00 a.m. | Breakfast & Sign-in | |
| 9:00 — 10:15 a.m. | [Session 06] Privacy and Data Security Litigation Update | |
| The panel will lead a dialogue on not only the most significant court decisions, including recent Supreme Court jurisprudence, regarding privacy and data security in the past year, but also court filings that raise novel claims and defenses (even if the cases themselves are pending or have settled), with the goal of bringing WG11 members up-to-the-minute on where the case law currently is – and more importantly, where it could be heading in the future. | ||
| 10:15 — 10:30 a.m. | Morning Break | |
| 10:30 — 11:45 a.m. | [Session 07] Online Tracking | |
| The panel of drafting team members will lead a dialogue on their efforts in drafting a Commentary based on the work of the Online Tracking brainstorming group (found here). Dialogue leaders will discuss how they chose which principles to focus on from the brainstorming group and how they arrived at consensus for inclusion, as well as the latest developments in case law and technology related to online tracking. Dialogue leaders will also seek member feedback on the proposed draft, topics for inclusion, and consensus-building. | ||
| 11:45 — 1:00 p.m. | [Session 08] Data Privacy Primer, Second Edition | |
| The panel of WG11 drafting team members will lead a dialogue on their draft Second Edition of the Data Privacy Primer ("Primer") that, among other updates, (1) revises the Primer to address key U.S. federal and state legislative and regulatory changes and case law updates since its publication and 2) expands the Primer to include certain international privacy laws. | ||
| 1:00 — 2:00 p.m. | Grab-&-Go Lunch (provided) |
*Panel Moderator