Daragh O Brien of Castlebridge Associates has been a regular contributor to Data Quality Pro expert articles over the years, specialising in Data Protection, Data Governance and Data Quality.
This year marks the second anniversary of the Information Governance and Quality Ireland event that Daragh has been responsible for hosting.
I recently caught up with Daragh to learn more about this unique event that combines Data Protection, Data Governance and Information Quality topics. I also wanted to find out the latest news with data protection laws in the EU.
Dylan Jones : It is well known that a lot of companies have historically played ‘fast and loose’ with data protection, but I’m speaking to more and more that are finally taking action. Why do you think that is?
Daragh O Brien : There are four key reasons:
Organisations are waking up to the issues of data privacy, in response to increased consumer awareness. The ‘Snowden Effect’ and awareness of mass surveillance by governments, and in turn by private companies, is a contributing cause, but also research has increasingly proven that the assumption that people don’t care about privacy is just wrong – they do, and they are increasingly taking steps to protect themselves.
The media are increasingly interested in the topic, and are increasingly well informed on the issues and less likely to be swayed by spin. Add to that the effect of social media, where press statements can be quickly scrutinised by a global pool of experts, and the days of ‘mushroom management’ about Data Protection are rapidly ending.
Organisations that are adopting a proactive approach to Data Protection are seeing potential overlaps and economies of scale with other regulatory drivers (for example the Data Lineage requirements in Solvency II are similar to the requirement under Data Protection rules to know how and where you obtained personal data).
The forthcoming EU Data Protection Regulation, regardless of its final form, presents a significant upscaling of penalties and the nature and scope of offences. Organisations that are looking at that are realising that the change necessary to realign internal operations will take at least two years, and the Regulation will be law within that time frame. EUR100 million or 5% of global turnover is a level of penalty that gets attention!
Dylan Jones : What is the latest update on the EU data protection regulations? Are they bogged down in red tape or making progress?
Daragh O Brien : A little of both. The legislative process in the EU is always long, particularly for legislation as complex and as heavily lobbied as this. However, the Council of Ministers has been making significant progress agreeing their draft of the Regulation, making some changes to the text agreed by the Parliament earlier in the year, and the incoming EU Commission has set a strong goal of finalising the text as soon as possible.
It is a tricky balancing act – delivering the legislation quickly has benefits, but rushing it could result in unforeseen complications.
However, the Court of Justice appears to be nudging things with their ruling Google v Spain (Right to Be Forgotten). This confirmed that a version of the Right to be Forgotten already exists but also, very significantly, created a precedent for the existing EU Data Protection Directive to be applied to non EU based companies with subsidiaries in the EU., similar to the provisions in the draft Regulation.
Dylan Jones : It is the second year running for IGQIE so what can people expect to learn at this year’s event?
Daragh O Brien : Last year we did a Master Class on Data Governance basics and some practical insights on how they apply to Data Protection.
This year, we are going a little deeper and aim to make the connections a bit more tangible.
We will have one of Ireland’s leading experts on Data Protection law giving a whistlestop briefing on the current and future state of play in EU Data Protection law.
We also will be looking at the impact of business input in data modelling on data protection compliance, the issues of Ethics in Big Data Analytics, and the implications of Life Logging and the Internet of Things, and the impact of Privacy on Information Strategy.
Finally, our Keynote will bring all of these themes together to help people connect the dots.
Each of our presenters is an acknowledged expert in their field, so the morning will be an intense master class in its’ own right.
The afternoon will feature two of the leading experts in Data Governance internationally, Sue Geuens and Joy Medved, who will be teaching tutorials on How to Get Started and How to Keep Going. Details of the tutorials are on the conference website.
People attending for just the morning will learn a lot about the legal drivers, the tactical and strategic issues, and the opportunity for overlapping of models and frameworks for managing data to deliver effective, and demonstrably effective, Data Governance for Data Protection.
Dylan Jones : A few of our members attended last year and commented that the event has a unique feel compared to a lot of the ‘mega-events’ in the calendar – is that something you’ve tried to focus on intentionally?
Daragh O Brien : Yes. While I love the ‘mega events’ and am honoured to speak at them, the events we’ve run in Ireland previously have always been focussed on creating intense learning experiences with smaller groups, a clearly defined theme, and better opportunities for discussion and interaction.
In larger markets it is easier to fill bigger events, but my personal experience of ‘big tent’ events in Ireland is that they have often been underwhelming. We’ve tried to learn from that and build an ‘espresso strength’ concentrated learning experience for delegates that is focussed, informative, and fun at a price that won’t break the bank for most organisations.
Dylan Jones : Who will benefit from the event and, if they are interested in finding out more, what should they do next?
Daragh O Brien : The event has been designed to benefit everyone from the ‘Doers’ to the ‘Strategists’ in organisations. We created some user stories on the website that discuss the benefits for each type of delegate.
Anyone who wants to learn about data protection and data privacy issues and how to use existing organisation capabilities to start preparing for the opportunities of the Data Protection Regulation, or anyone who wants to figure out what those capabilities need to be, will benefit from coming to IGQIE2014.
Normal ticket prices continue until 1st Nov and then our ticket prices go up for Late Bookers. Places are limited for the event and there are only a few places left for the morning and afternoon sessions. Book now to avoid disappointment and to avoid the Late booker prices.
Dylan Jones : Thanks for the update Daragh and good luck with the event.
About Daragh O Brien
Daragh O Brien is the Managing Director of Castlebridge Associates.
Daragh has over a decade and a half of experience in IQ, DG, Data Protection/Privacy, and Regulatory Compliance roles on projects as diverse as CRM Single View (MDM) and Regulatory Compliance and Remediation. He has worked with clients in a range of sectors from not-for-profits and startups, to telecommunications companies, financial services organisations, and public sector bodies.
He is a Charter Member of the IAIDQ, an Information Quality Certified Professional (IQCPSM), a Certified Data Protection Practitioner, and a Fellow of the Irish Computer Society. Daragh has served on the IAIDQ’s Board of Directors . He is a frequent speaker at conferences worldwide, and has written countless articles on Information Quality topics. He has written two books on Information Quality and Data Strategy and contributed to a number more.
He is currently Global Privacy Advisor to DAMA International.
Image credits : Flickr Creative Commons : informatique