This week I am attending the IAPP privacy academy in San Francisco. This morning, the big event kicked off with a big tent event of keynotes followed by individual breakout sessions. Some of the highlights:

• Scott Charney discussing his experiences in information security, the importance of privacy, and security and marketing professionals working in tandem. He was a lively and humorous speaker who captivated the attention of attendees. He had some interesting data from survey research, which was not highlighted as prominently as it deserved, possibly due to time constraints. His overall message resounded well with privacy newbies and seasoned experts alike.
• Conducting and Surviving an Internal Audit of Privacy. This breakout session was a splendid example of combining specific detail along with general best practices. The session covered four example scenario's, ranging from privacy officers tasked with building a privacy audit program to a possible privacy breach. The panelists spoke from personal experience about educating poor auditors, and converting and handling hostile auditees. This session struck the right balance between too high and too low a level that some other breakout sessions fell victim too.

The conference comes to a close tomorrow. Good luck to the 200 people taking the CIPP exam tomorrow!