CACR: 2002 Conferences

2002 Conferences

11th CACR Information Security Workshop &
3rd Annual Privacy and Security Workshop
Privacy and Security: Totally Committed

November 7-8, 2002
The Faculty Club, 41 Willcocks Street, University of Toronto

Slides and Recordings of presentations can be found in the Schedule of Talks here. Free software for viewing the recordings can be downloaded from here.

Introduction:
The 11th CACR Information Security Workshop: Privacy & Security: Totally Committed will be held November 7 & 8, 2002, at the University of Toronto, Canada. This is the third annual conference jointly organized by the Office of the Information & Privacy Commissioner/Ontario and the Center for Applied Cryptographic Research, University of Waterloo.

Theme:
Privacy concerns on the part of citizens and consumers continue to grow according to a number of surveys conducted over 2002. As well, many governments and companies have found that each individual’s trust and confidence must be won and retained to successfully carry out their respective businesses. Consumers and citizens expect privacy and security, not one at the sacrifice of the other. For practitioners in the e-space, whether e-government or e-commerce, it should mean a total commitment to privacy and security.

This year’s conference will focus on the mutually dependent relationship that privacy and security have. At one level, privacy and security will be examined in the post 9:11 world through the paradigm that views both privacy and security as tools that protect democratic freedoms. On a technological level, privacy and security will be examined in a special workshop targeted to government Chief Information Offices and Privacy Commissions as they discuss issues of identity, linkability and observability of personal information. The mutual dependence of privacy and security will also be explored in an extended workshop on health privacy and security. This will take the form of an investigation in which the delegates will take on the role of investigator and be challenged to unravel the case and make recommendations. Finally, a number of internationally recognized experts will provide keynote addresses and lead workshops to help the delegates gain a better understanding of the need for total commitment to both privacy and security in their professional capacities.

This year’s conference is highly interactive, with sessions designed to be driven by delegates in their questions and presentation of problems. On the first day, there is an answer panel that will dispense with presentations and focus on answering the problems posed by the delegates. The goal of this year’s conference is to fundamentally change the day-to-day decisions that delegates make regarding privacy and security issues. This will be done by providing insight into the privacy and security interrelationship and by showcasing the key privacy and security tools and resources available for successfully working in the e-space.

Audience:
The intended audience includes technology and security experts, CIO's, senior technology executives, health professionals, cryptographers, engineers, law enforcement, practitioners, academics, private sector leaders, privacy experts and students.

Sponsors:

Centre for Innovation Law and Policy, University of Toronto
Certicom Corp.
Communications Security Establishment (CSE)
Fields Institute
IBM Canada
Microsoft Canada
MITACS
Office of the Information & Privacy Commissioner, Ontario
Pitney Bowes
University of Waterloo

Organizers:

Mike Gurski (Conference Chair), Office of the Information & Privacy Commissioner/Ontario
Alfred Menezes, University of Waterloo

Program Co-ordinators:

Patricia D'Costa, Office of the Information & Privacy Commissioner/Ontario
Debra Grant, Office of the Information & Privacy Commissioner/Ontario
Pasha Peroff, Office of the Information & Privacy Commissioner/Ontario

Speakers:

Steven Adler, IBM
Ken Anderson, Office of the Information & Privacy Commissioner/Ontario
Carol Appathurai, Ministry of Health
Ronda Bessner, Legal and Policy Cousultant
Steven Booth, Communications Security Establishment (CSE)
Stefan Brands, Credentica
Ruth Carey, HIV & AIDS Legal Clinic (Ontario)
Ann Cavoukian, Information & Privacy Commission/Ontario
Nancy Cheng, Communications Security Establishment (CSE)
Lorrie Cranor, AT&T Labs-Research
Roger Dingledine, Massachusetts Institute of Technology
Michael Eisen, Microsoft Canada
Hugh Ellis, Cinnabar Networks
Ross Fraser, Sextant Software
Beth Givens, Privacy Rights Clearing House
Debra Grant, Information & Privacy Commission/Ontario
Peter Hope-Tindall, DataPrivacy Partners
Susan Hyatt, Canada Health Infoway
Giovanni Iachello, Georgia Institute of Technology
Noela Inions, IPC/Alberta
Ian Kerr, University of Ottawa
Larry Korba, National Research Council, Canada
Patricia Kosseim, Canadian Institutes of Health Research
The Honourable Horace Krever
Duncan McDuff, Sun Life Financial
David McMahon, EWA-Canada Ltd.
Dr. Jay G. Mercer
Richard Owens, Centre for Innovation Policy and Law
Stephanie Perrin, Digital Discretion
Richard Purcell, Microsoft Corporation
Kent Roach, Faculty of Law, University of Toronto
Jeff Rosen, author of The Unwanted Gaze, George Washington University
Malcolm Saravanamuttoo, EKOS Research
Ari Schwartz, Center for Democracy and Technology
Chris Severin, IPC/Ontario
Janice G. Stein, Munk Centre, University of Toronto
Michael Waidner, IBM/Zurich
Miyo Yamashita, University Health Network
Jason Young, Faculty of Law, Queen's University
Paul Zatychec, EWA-Canada Ltd.

Schedule of Talks:

Speaker's Only Kick-off Dinner: November 6, 2002
Flavelle House, Faculty of Law, University of Toronto
78 Queen's Park Crescent

5:30-7:00pm

Refreshments & Dinner
(For Speakers Only)

Hosted by the Centre for Innovation Law and Policy, University of Toronto

7:00-8:00pm

Address to Speakers - Hosted by Microsoft Canada
text of speech (pdf)

Michael Eisen,
Sr. VP, Microsoft Canada

(For Speakers Only)

Day 1: November 7, 2002
Faculty Club, University of Toronto, 41 Willcocks Street

8:00am	Breakfast
9:00-9:20am	Introduction to Conference Themes and Objectives Mike Gurski, Conference Chair, IPC/Ontario
9:20-10:00am	Getting to the Truth About Privacy and Security slides (powerpoint) Ann Cavoukian, Commissioner, IPC/Ontario
Recording of 9:00-10:00 am presentations
10:00-11:00am	Keynote Speech: Privacy and Security as Public Goods: Efficiency and Accountability in a Networked World outline of talk (Word file) Janice Gross Stein, Munk Centre for International Studies, University of Toronto
Recording of 10:00-11:00 am presentation
11:00-11:15am	Discussion Break
11:15-1:00pm	Anti-Terrorism and Privacy, One Year After Nancy Cheng, Communications Security Establishment slides (powerpoint) Richard Owens, Faculty of Law, University of Toronto slides (powerpoint) Kent Roach, Faculty of Law, University of Toronto slides (powerpoint) Malcolm Saravanamuttoo, EKOS Research send request for slides
Recording of 11:15-1:00 pm presentations
1:00-2:15pm	LUNCH Identity Theft: the Ins and Outs slides (powerpoint) Beth Givens, Privacy Rights Clearing House
Recording of 1:00-2:15 pm presentation
2:15-3:30pm	Breakout #1 PETs today, PETS tomorrow Moderator: Pasha Peroff Roger Dingledine, Massachusetts Institute of Technology slides (pdf) Michael Waidner, IBM/Zurich slides (pdf)	Breakout #2 The Future of P3P Moderator:Jason Young, Queen's University Lorrie Cranor, AT&T Labs-Research Ari Schwartz, Centre for Democracy and Technology slides (powerpoint)	Breakout #3: Continuing the Dialogue between IPCs and CIOs Opening: Ann Cavoukian How Security Fits into Privacy: Managing the Interface Open Forum
3:30-4:00pm	Break
4:00-5:00pm	Ask the Experts how to Solve your Privacy Problems Moderator: Ken Anderson, IPC/Ontario Peter Hope-Tindall, dataPrivacy Partners Stephanie Perrin, Digital Discretion Richard Purcell, Microsoft Corporation Michael Waidner, IBM/Zurich		Breakout #3 cont’d
Recording of 4:00-5:00 pm presentations
5:00-8:30pm	Reception, Dinner, Presentation by Microsoft: Richard Purcell, Corporate Privacy Officer, Microsoft Corporation

Day 2: November 8, 2002
Faculty Club, University of Toronto, 41 Willcocks Street

8am	Breakfast
8:55am	Opening Remarks Mike Gurski, Conference Chair, IPC/Ontario
9:00-9:05am	Steven Booth, Communications Security Establishment (CSE) slides (powerpoint)
9:05-9:10am	Introduction Ann Cavoukian, Commissioner, IPC/Ontario
9:10-10:10am	The 3 Greatest Challenges Regarding Privacy Jeff Rosen, Author of The Unwanted Gaze
Recording of 8:55-10:10 am presentations
10:10-10:30am	Break
10:30-12:15pm	Breakout #1 Mock Public Health Inquiry- Privacy: The First Eletronic Health Victim Case Study and Investigation of Privacy Breach with Recommendations The Honourable Horace Krever Ken Anderson, IPC/Ontario Carol Appathurai, Ministry of Health Ruth Carey, HIV & AIDS Legal Clinic (Ontario) Hugh Ellis, Cinnabar Networks Ross Fraser, Sextant Software Noela Inions, IPC/Alberta Patricia Kosseim, Canadian Institutes of Health Research Duncan McDuff, Sun Life Financial David McMahon, EWA-Canada Richard Owens, Faculty of Law, University of Toronto Chris Severin, IPC/Ontario Working Group: Ronda Bessner, Legal and Policy Consultant Debra Grant, IPC/Ontario Susan Hyatt, Canada Health Infoway Dr. Jay G. Mercer Richard Owens, Faculty of Law, University of Toronto Miyo Yamashita,University Health Network Background Material: Scenario, Agenda, Insurance forms, References
Recording of 10:30-12:15 pm presentations
12:15-1:45pm	LUNCH ISPs - Internet's Secret Police? slides (powerpoint) Ian Kerr, Canada Research Chair in Ethics, Law and Technology, University of Ottawa and Special Counsel, Technology Law, Nelligan O'Brien Payne LLP
Recording of 12:15-1:45 pm presentation
1:45-3:15pm	Breakout #1 Mock Health Inquiry: Continued	Breakout #2 Cutting Edge of Privacy Technology: Examination of new tools that help design privacy into technology. Moderator: Patricia D'Costa, IPC/Ontario Stefan Brands, Credentica slides (powerpoint) Peter Hope-Tindall, dataPrivacy Partners slides Larry Korba, National Research Council slides (powerpoint)	Breakout #3 Sharing Best Practices and Pitfalls CIOs and IPCs Closed door session - By invitation only
Recording of 1:45-3:15 pm Breakout #1 presentations
3:15-3:30pm	Break
3:30-4:30pm	Breakout #1 Mock Health Inquiry: Continued	Breakout#2 Testing and Evaluation of Technologies using the Common Criteria Moderator:Steve Adler, IBM Giovanni Iachello, Georgia Institute of Technology slides (powerpoint) Paul Zatychec, EWA-Canada slides (powerpoint)	Breakout #3 Round Table Continued
Recording of 3:30-4:30 pm Breakout #1 presentations
4:30-5:30pm	Summations: Closing Comments by selected speakers

Registration:
There is no registration fee for guests invited by the sponsors (Centre for Innovation Law and Policy, Certicom, Communications Security Establishment, Fields Institute, IBM, Information & Privacy Commissioner, Microsoft, MITACS, and Pitney Bowes). The registration fee for other participants is Cdn $300 (US $200).

Please register as soon as possible as space is limited for this workshop; registration is on a first-come first-serve basis. Registration fees will include admission to all presentations, breakfasts, lunches, the banquet, and handouts. To register, complete, in full, the attached REGISTRATION FORM and return it along with your payment (if applicable) to:
Mrs. Frances Hannigan,
C&O Dept.,
University of Waterloo,
Waterloo, Ontario, Canada N2L 3G1.

You may also register by email (fhannigan@math.uwaterloo.ca) or by phone (Frances Hannigan: 519-888-4027). Payment is also acceptable by credit card (VISA or MasterCard only) at the start of the conference. However, your credit card number is required at that time and receipt of payment will only be forwarded at the end of the conference.

Accommodations:

The Faculty Club is located on Wilcocks Street between Spadina and Huron. You can find the closest hotels listed on the Fields Institute web-site at: www.fields.utoronto.ca/resources/housing.html. There are no rooms set aside specifically for this workshop, however, you can still request for the Fields Institute Corporate rate when booking your room.

------------------------cut from here---------------------------------
11th CACR INFORMATION SECURITY WORKSHOP      REGISTRATION FORM
PRIVACY AND SECURITY: TOTALLY COMMITTED

Full name:
_________________________________________________________

Affiliation:
_________________________________________________________

Address:
_________________________________________________________

_________________________________________________________

_________________________________________________________

_________________________________________________________

_________________________________________________________

E-Mail Address:
_________________________________________________________

Telephone #:
_________________________________________________________


Please specify which Session you wish to attend
[there is limited space, so please let us know]

November 7, 2002
   Breakout #1  [ ]    Breakout #2  [ ]    Breakout #3 [ ]
   Steps toward     Security & Privacy:    IPCs &  CIOs
   STEPS                  The Tug of War

   Dinner with Microsoft [ ]

November 8, 2002
   Breakout #1 PM [  ]    Breakout #2 PM  [ ]      Breakout #3  [ ]
   Health Inquiry         Privacy Technology       CIOs and IPCs Only
   Cont'd from AM


Registration Fee: Please check the appropriate box:

    [ ]  Registration..........................$300 Cdn

    [ ]  Registration..........................$200 US

    [ ]  Invited by sponsor....................no fee 

         Sponsor's Name: ____________________________

         Total                                $___________

**Make Cheque/Money Order Payable in Cdn or US funds only to: CACR

Credit Card Payments:

[  ] Visa                  [  ] MasterCard

Cardholder's Name: ________________________________________________

Card Number: ______________________________________________________

Expiration Date: __________________________________________________

Signature: ________________________________________________________


-------------------------cut from here-------------------------------

Back to CACR home page