There seems to be a privacy conference every week in the United States or Europe.  However, privacy training and policy development in Latin America is not nearly as well developed as that in the United States and Europe.  Latin America has one annual conference that is clearly considered the conference of conferences.  It is organized by the Superintendent of Industry and Commerce of Colombia (SIC), the country’s data protection authority.  For the past five years, I have had the honor of being the adviser to the International Data Protection Congress in Colombia (Colombia Congress), and for the past four years the Information Accountability Foundation (IAF) has been a co-sponsor of the Colombia Congress.  My congratulations and thanks to María Claudia Caviedes Mejía, SIC Deputy Superintendent for Data Protection, and to the entire SIC for another outstanding conference, and my thanks to them for working with the IAF. 

What makes the Colombia Congress special?  First, I believe it is the commitment by SIC to make the sessions cutting edge and to make the conference truly international by including experts from Europe and North America.  The Colombia Congress always includes a panel that is composed of their counterparts from other Latin America countries. 

Second, the Colombia Congress focuses on an agenda that deals with not only current Colombia issues but also sets a pathway to the future.  In my opening remarks, I related data protection to the best international football (what Americans call soccer).  The best teams have strikers who anticipate where the ball will be and are there when it arrives.  However, the strikers are dependent on the midfielders and backers who must basically control the ball until the time is right.  Data protection is a mixture of managing today’s issues while preparing for the inevitable shocks from new technology.  I believe SIC organized a conference that included that mix. 

The sessions focused on how Colombia and other Latin countries might govern global data flows in a manner that are consistent with national laws and still work with modern mechanisms such as cloud computing.  The sessions also focused on the fast pace of change in observational technologies and how they will impact compliance in future years.  There were also sessions on why data impact assessments are so important and how models that demonstrate compliance with those assessments might be conducted.  There was a session and numerous references to how the EU General Data Protection Regulation will impact Latin America and to the potential confusion due to the draft EU ePrivacy Regulation.  Lastly, there was a session that discussed the APEC transfer model, its relevance to Latin America, and the importance of regulator cooperation to the success of APEC.

The Colombia Congress is a conference where people truly come to learn and think.  This dedication leads me to continue to believe that information policy dialog is important.  For example, Friday evening, I was approached by one of the South American commissioners who has participated in the Colombia Congress for years.  He said the conference every year opens participants’ eyes to new ways in which they might think about data protection.  He also said the Congress must continue.  SIC and IAF have already agreed to begin work on year six.

For me, of all the conferences IAF does, the Colombia Conference is the most satisfying.  My global colleagues, I suggest you come South and join in the meaningful policy discussions that are taking place.  My colleagues who traveled to Bogota, thank you again for joining IAF in this journey.