Data Protection Design + Default Intensive Day 2018

Intensive Day – Wednesday, Oct 3, 2018

Intensive Days are all-day events that feature primarily small discussion groups among seasoned professionals. Intensive Days differ from workshops in that workshops are shorter and more introductory in nature.

Intensive Days are for seasoned professionals, and the discussion will be focused and advanced. Intensive Days are for deep dives into topics.

The Data Protection Design and Default Intensive Day is a way to join your peers in a sophisticated series of discussions about cutting-edge issues involving data security. There will be unparalleled interactivity. Most of the day will be spent in seminar-style discussion groups.

This is a discussion for experienced professionals in either privacy or security. A technical background isn’t required. Lawyers, CPOs, CISOs, and others are welcome.

What is the Data Protection Design and Default Intensive Day?

The Data Protection Design and Default Intensive Day is a special all-day event that will occur on the pre-conference day of the Privacy+Security Forum on Wednesday, October 3, 2018. 

George Washington University Marvin Center
800 21st Street Northwest
Washington, DC 20052


Stuart Shapiro
Stuart Shapiro

Principal Cyber Security and Privacy Engineer
MITRE Corporation

Jason Cronk
Jason Cronk

Privacy and Trust Consultant
Enterprivacy Consulting Group


Our chairs for the Data Security Intensive Day plan the event and determine the topics for discussion.

Data Protection Design + Default Intensive Day

Breaks and lunches will be with everyone present on the pre-conference day, so if you have colleagues attending workshops or Intensive Days on other topics, you will have time to network with them.

9:00 AM – 4:30 PM
Room 309



Conference Materials

7:30am – 9:00am   Breakfast
9:00am – 10:15am   Session 1
Room 311

Building a Model: Actors and Violations

In this session, participants will be introduced to the privacy by design concept and then learn how to identify individuals at risk, threat actors and potential privacy violations. Participants will work through an interactive example to explore building a privacy model from scratch.

10:15am – 10:45am   Break
10:45am – 12:00pm  Session 2

Room 311

Controls: Architecture, Strategies and Tactics

This session will examine the available controls to mitigate the risks from privacy violations. Participants will first look at system architecture and its role in creating privacy friendly processes. Next will be a systematic walk through of strategies and tactics than can be used.

12:00pm – 1:30pm Lunch
1:30pm – 2:45pm Session 3
Room 311

Analyzing Privacy Risks

Participants will discuss the consequences to individuals of privacy violations. This will be used to help build a privacy risk model based on FAIR, the Factors Analysis on Information Risk.

2:45pm – 3:15pm Break
3:15pm – 4:30pm Session 4
Room 311

The Design Process

In this session, all the elements will come together in a cohesive process to architect a privacy friendly system, secure data, supervise the use of data and balance individual interests against organizational activities. Participants will have the opportunity to apply the design process to real world examples.


The Data Protection Design and Default Intensive Day will be on Wednesday, October 3, 2018.  The Privacy+Security Forum will be on Thursday, October 4, 2018 and Friday, October 5, 2018.  The fee for participating in the Data Protection Design and Default Intensive Day is separate from the fee to participate in the Forum. You can register for the Data Protection Design and Default Intensive Day independently from the main Privacy+Security Forum.

Intensive Day Admission 2018

Early Bird

on or before July 31, 2018

Full Price

on or after August 1, 2018

Intensive Day (price for each)



Intensive Day (price for each – academic/NGO/gov’t)