Privacy Labs

Exploring given privacy topics that are contemporary and challenging for the data community

Proudly Sponsored By

Cognizant
Dentons
Iron Mountain
Privado

Introducing PICCASO Privacy Labs

PICCASO is a special interest group for professionals and organisations working across the data spectrum in the fields of privacy, data protection and information security. We are a not-for-profit, led by volunteers through the PICCASO Advisory Board and others who are senior stand out leaders in privacy, data protection and information security.

Through select events, thought-leadership papers, labs and webinars, we aim to harness the knowledge and experience of experts from across the privacy, data protection, and information security domains, and to inspire, challenge, and educate our community, elevating the practice of privacy, data protection and information security maturity within organisations and across sectors.

A Community of Professionals

The PICCASO community is drawn from across the UK, Europe, and beyond and from all public and private sectors. As a community of professionals, we value the importance of exchanging ‘know how’, insights, clarity and explanation on specific privacy, data protection and information security topics focused on distinguishing between legal requirements and operational implementation, with the aim of promoting greater understanding of how to achieve optimal outcomes based on good practice and thought leadership. 

The PICCASO community is open to all professionals and organisations that have a passion for privacy, data protection and information security. If you spend a considerable amount of your time considering data and its impact on your organisation, the economy and society, then this community is for you and we want to hear from you.

Why the PICCASO Privacy Labs Initiative?

The PICCASO Privacy Labs initiative is focused on helping enhance our industry by providing useful, pragmatic guidelines and tools where gaps exist among the plethora of other available materials. Each Lab will form a Working Group, made up of at least five member organisations with a Chair and Vice Chair presiding to ensure the objectives and timeframes are maintained, met and delivered. The objective is to create useful deliverables within a six-month period. Each workstream Chair will be expected to hold a webinar at the end to present the results to the wider community. 

The PICCASO Admin Team will help organise and manage the logistics, the deliverables and the communications for each Lab. The format will be five member organisations and two sponsorship organisations. Each working group will meet virtually once a month and physically twice at the beginning and end of each workstream. Deliverables will be professionally edited and created to ensure that the insights and advances produced can be shared in an open, transparent and professional manner, typically through PICCASO communication channels, which will be agreed and in collaboration with the communication partners of each Lab sponsor

Privacy Labs Objectives

Privacy Enhancing Technology (PETs)

Privacy Enhancing Technology (PETs)

The proposed objective for the PICCASO Privacy ‘PETs’ Lab will be to create a white paper/report and Tool Kit to help better understand how technology solutions (i.e. PETs) can help address some of the increasing legal and regulatory challenges in relation to customer intelligence given the challenges around the use of cookies and other tracking technologies, and customer intelligence platforms. Is it time for a technology rather than a legal/regulatory approach? Ultimately, it should provide an accessible and pragmatic paper and where or if appropriate, an accompanying tool that can help move the dial for the privacy professional in this space.

Privacy Risk Assessment Methodology (PRAM)

Privacy Risk Assessment Methodology (PRAM)

The proposed objective for the PICCASO ‘PRAM’ Lab will be to create a whitepaper/report and Tool Kit to help understand privacy risk, specifically looking at Threats, Vulnerabilities,Likelihood, Impact and suggested Controls. Then to map the relationship between privacy risks and an example ERM framework (within a participating organisation) together with International Standards on risk. A simple risk assessment tool should be created to help understand and capture a standard list of risks and controls, and should allow for the capability to measure existing and new risk mitigation controls. Such controls should be (where appropriate) related to specific case law, regulatory requirements or best practice / emerging standards in the risk space. Ultimately, it should provide an accessible and pragmatic whitepaper/report with the accompanying risk assessment tool that can help move the dial for the privacy professional in this nascent privacy risk capture and treatment space.

Environmental, Social and Governance (ESG)

Environmental, Social and Governance (ESG)

The proposed objective for the PICCASO Privacy ‘ESG’ Lab will be to create a paper and basic ‘Controls mapping to Privacy’ Tool Kit to help understand and map the relationship between ESG and Privacy. A simple mapping tool will be created to help understand how to measure existing and new controls that can be mapped to specific case law, regulatory requirements or best practice / emerging standards in this space. Ultimately, it should provide an accessible and pragmatic paper / accompanying tool that can help move the dial for the privacy professional in this space.