Moderated by Luca Belli, CTS-FGV and Nicolo Zingales, CTS-FGV.
Ana Brian, UN special Rapporteur for Privacy; Waldemar Gonçalves, President Director, ANPD; Evelyn Miller, Vice President, Data and Privacy policy, Meta; Daniel Vazquez, Head of Growth, NYM Technologies; Yasodara Cordova, Principal Privacy Researcher, Unico IDtech; Nina da Hora, Researcher, CTS-FGV.

Organizado por/ Organised by: Autoridade Nacional de Proteção de Dados
Moderado por / Moderated by: Davi Teofilo Nunes Oliveira, ANPD
Paula Vargas, Meta/WhatsApp; Jamila Venturini, Derechos Digitales; Nairane Farias Rabelo Leitão, ANPD; Camilla Schrappe, Tiktok;Juan David Gutiérrez, Universidad de Rosario

A regulamentação e a governança de dados apresentam desafios complexos para os formuladores de políticas e partes interessadas. Diferentes organizações, como Council of Europe (COE) , Asia-Pacific Economic Cooperation (APEC), Organização das Nações Unidas (ONU) e Organização para a Cooperação e Desenvolvimento Econômico (OCDE) buscam se tornar relevantes no cenário ao propor agendas e frameworks para melhorar o acesso e o compartilhamento de dados, abordando desafios relacionados à privacidade, proteção de dados, segurança, comércio e desenvolvimento. No entanto, essas agendas nem sempre são alinhadas ou compatíveis entre si e podem criar tensões ou lacunas no cenário latino americano de governança de dados. Além disso, as agendas regionais para o tema de proteção de dados podem encontrar entraves na concorrência por espaço entre as diversas normativas.
Esta sessão visa explorar os obstáculos e oportunidades relacionados à governança de dados em um mundo multilateral. Ela reunirá especialistas e profissionais de diferentes setores e países para discutir:

• Quais são os objetivos e princípios das diferentes agendas de proteção e governança de dados propostas por organismos internacionais/multilaterais? Como eles diferem ou se complementam?
• Quais são os desafios e oportunidades para a coordenação e coerência entre essas agendas? Como os potenciais conflitos ou trade-offs podem ser mitigados?
• Como os diversos setores, como sociedade civil, poder público, academia e empresarial podem participar de forma mais significativa dessas discussões multilaterais e multissetoriais?

Referências:

• https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/986160/Annex_2__Roadmap_for_cooperation_on_Data_Free_Flow_with_Trust.pdf
• https://direitorio.fgv.br/conhecimento/governanca-e-regulacoes-da-internet-na-america-latina

Organizado por/ Organised by: Bruno Renzetti, Insper
Moderado por / Moderated by: Camila Leite, IDEC
Bruno Renzetti, HK Advogados/Insper; Nicolo Zingales, FGV Direito Rio; Maria Paz Canales, Global Partners Digital; Erika Douglas, Temple University

The past few years have seen a growing interest in how antitrust should deal with digital platforms. Despite the magnitude of the changes, there has not been significant reflection on the implications and consequences of the business models of digital platforms for competition, consumers, and society. Questions related to the role privacy and data protection should play in antitrust analysis have sparked several scholarship pieces.
Antitrust authorities around the globe have begun to employ some theories of harm related to privacy and data protection. But what has it achieved so far? The panel discusses the practical outcomes of data and privacy being taken into account in competition law and policy.
By gathering people from different nationalities and backgrounds, this panel aims to (i) present an overview of the most recent discussions on the intersection between antitrust and data protection/privacy and (ii) present the differences between how each one of these jurisdictions deal with these issues.

References:

• OECD Handbook on Competition Policy in the Digital Age.
• AUSTRALIAN COMPETITION & CONSUMER COMMISION. Digital Platforms Inquiry. Camberra: ACCC Publisher, 2019.
• CRÉMER, Jacques; DE MONTJOYE, Yves-Alexandre; SCHWEITZER, Heike. Competition Policy for the Digital Era. Brussels: European Commission Final Report, 2019.
• FURMAN, Jason; COYLE, Diane; FLETCHER, Amelia; et al. Unlocking Digital Competition: Report of the Digital Competition Expert Panel. Londres: [s.n.], 2019.
• LANCIERI, Filippo; SAKOWSKI, Patricia Morita. Competition in Digital Markets: A Review of Expert Reports. Stanford Journal of Law, Business & Finance, v. 26, n. 1, p. 65–170, 2021.
• STIGLER CENTER. Stigler Committee on Digital Platforms, Final Report. 2019.
• DOUGLAS, Erika. The New Antitrust/Data Privacy Interface. The Yale Law Journal Forum, 2021.

Organizado por/ Organised by: School of Data Science, University of Virginia
Moderado por / Moderated by: Jess Reia, School of Data Science, University of Virginia
Thiago Nascimento, LabJaca; María Julia Giorgelli, Defensoría del Pueblo; Thallita Lima, Centro de Estudos de Segurança e Cidadania: CESeC; Luã Cruz, Idec.

Ao longo de anos de trabalho dedicado ao mapeamento dos impactos de projetos centrados em dados nas cidades, vimos como os interesses privados muitas vezes moldam as políticas, as leis e os serviços públicos. Mesmo em países com uma estrutura regulatória robusta de proteção de dados e privacidade, os governos locais lutam para equilibrar a eficiência prometida por projetos de big data e a salvaguarda dos direitos humanos. Apesar de desigualdades históricas permearem a implementação de soluções digitais, várias delas são desenvolvidas sem ouvir residentes ou considerar o conhecimento das comunidades locais. Além disso, as questões de justiça ambiental, igualdade de gênero, proteção de dados e tecnologia de interesse público nem sempre estão na agenda dos investimentos maciços em inteligência urbana. Dada a consolidação contínua de projetos urbanos inteligentes de inteligência artificial (IA), large language models (LLMs) e smart cities que desconsideram o engajamento cívico e as prioridades das comunidades que servem – especialmente na América Latina – precisamos questionar a implantação de tecnologias com alto potencial de danos tais como sistemas de reconhecimento facial, automação de decisões e bases de dados centralizadas. A partir da experiência em diferentes contextos e procurando compartilhar estratégias para proteger direitos digitais, este painel será um espaço de aprendizado e diálogo sobre engajamento com dados, burocracias e poder corporativo em cidades latinomaericanas. Vamos discutir boas práticas, erros a se evitar e ideias para alavancar redes de colaboração.

Referências:
Artigos:

Reia, J. & Cruz, L. (2023). Cidades inteligentes no Brasil: conexões entre poder corporativo, direitos e engajamento cívico. Cad. Metropole, Dossiê: novas agendas urbanas, 25 (57), May-Aug 2023. https://doi.org/10.1590/2236-9996.2023-5705

Livros:

Brandusescu, A. & Reia, J. (Eds.). (2022). Artificial Intelligence in the City: Building Civic Engagement and Public Trust. Centre for Interdisciplinary Research on Montreal, McGill University. https://doi.org/10.18130/9kar-xn17

Reia, J. & Belli, L. (2021). Smart Cities no Brasil: Regulação, tecnologia e direitos. [“Smart Cities in Brazil: Regulation, Technology and Rights”]. Belo Horizonte, Brazil: Editora Letramento/Casa do Direito. https://doi.org/10.18130/p1me-mf66

Lima, T. G. L.. Coleção Panorama: Câmeras Corporais. 01. ed. Rio de Janeiro: [sine loco], 2022. v. 1. 32p. https://drive.google.com/file/d/1QjJSFbJkF6JO-5o2wYDFPOI_nWCaBQ2l/view

Capítulos:

Reia, J., Fergus Cruz, L. (2021). Seeing through the smart city narrative: data governance, power relations, and regulatory challenges in Brazil. In: B. Haggart, N. Tusikov & J. A. Scholte. Contested Power and Authority in Internet Governance: Return of the State?. Abingdon/UK and New York/US: Routledge. https://www.routledge.com/Power-and-Authority-in-Internet-Governance-Return-of-the-State/Haggart-Tusikov-Scholte/p/book/9780367442033

Estudos:

Painel unificador Covid-19 nas favelas:
https://www.labjaca.com/posts/conheca-o-painel-unificador-covid-19-nas-favelas

Derechos digitales y protección de datos personales:
https://defensoria.org.ar/derechos/democracia-y-digitalidad/derechos-digitales-y-proteccion-de-datos-personales/

Um Rio de câmeras com olhos seletivos: Uso do reconhecimento facial pela polícia fluminense
https://opanoptico.com.br/Caso/um-rio-de-cameras-com-olhos-seletivos-uso-do-reconhecimento-facial-pela-policia-fluminense/

Links institucionais:

https://datascience.virginia.edu/
https://idec.org.br/
https://www.labjaca.com/
https://defensoria.org.ar/
https://opanoptico.com.br/

Moderado por / Moderated by: Franco Giandana Gigena, Access Now
Barbara Simão, InternetLab; Pedro de Perdigão Lana, IODA/ISOC; Raquel Rachid, Lapin

Facial recognition and other biometric data are presented as a type of personal data that allows security forces to manage the security of urban spaces with supposedly greater certainty, for example, by identifying and verifying passers-by in search of fugitives or dangerous people. There is a whole market for facial recognition systems, and other biometric data, to which states turn today in search of reinforcing the surveillance, control, and security narratives in cities, but are they really efficient? What are we giving up in exchange?
In this session, we will explore the presumed advantages that exist in implementing mass surveillance mechanisms in public spaces based on biometric data, and who are the main providers of these systems. We will introduce the audience to the different biometric surveillance mechanisms that exist, their possible indiscriminate uses, and the technical processes that these systems enable, that is, how they process data and how the algorithms they use actually work. For example, we will differentiate between the concepts of false negative and false positive, and how these can occur as a result of the automatic processing of biometric data.
Then, we will inquire about the negative consequences that these systems could have for the privacy of the people who inhabit or transit the cities, and how is the current situation in the Latin American region.

The dialectic presented by the concepts of security and privacy is a great starting point to counter different opinions about their relationship, and about the tension that is generated between them, and this is particularly true in cases of mass surveillance based on biometric data. This session offers information and elements to inspire in the audience a renewed sense of privacy, its meaning in an increasingly datafied context, and in relation to the caution that must be maintained against technological solutions that are presented as magical problem solvers.

Organizado por/ Organised by: Associação Data Privacy Brasil de Pesquisa
Moderado por / Moderated by: Bruno Bioni, Associação Data Privacy Brasil de Pesquisa
Johanna Monagreda, Associação Data Privacy Brasil de Pesquisa; Patrícia Tavares, Defensoria Pública do Estado do Rio de Janeiro; Paola Ricaurte, Instituto Tecnológico y de Estudios Superiores de Monterrey; Juan de Brigard, Fundación Karisma

A atividade propõe a exibição do vídeo-documentário “Justiça Social na Era dos Dados”, que apresenta uma visão crítica sobre a proteção de dados pessoais e sua relação com justiça socioeconômica, seguida de um debate entre palestrantes de diferentes países latinoamericanos. O documentário instiga a pensar como gênero, raça e classe se apresentam como elementos capazes de determinar a forma diferenciada com que alguns grupos sociais são afetados pelas tecnologias de processamento de dados.

O curta-metragem surge a partir de aprendizados vindos de dois anos de trabalho em parceria da Associação Data Privacy Brasil de Pesquisa e as Defensorias Públicas do Estado de São Paulo, do Rio de Janeiro e da Bahia. O trabalho conjunto teve como propósito o aprimoramento do trabalho das instituições pela proteção de dados pessoais em sua relação direta com a defesa de outros direitos fundamentais como a saúde, o transporte e o auxílio social, promovendo mecanismos modernos de justiça social na compreensão dos tempos atuais.

O documentário deverá instigar debate entre os painelistas, que irão relatar suas experiências trabalhando com proteção de dados em sua dimensão de justiça social, e a audiência. Serão discutidos temas como a relação entre gênero, raça e classe e a proteção de dados pessoais, além de mecanismos de enfrentamento às violações a esse direito.

https://www.dataprivacybr.org/documentos/justica-social-na-era-dos-dados-documentario/?idProject=188
https://www.dataprivacybr.org/projeto/expandindo-o-papel-dos-defensores-publicos-na-protecao-de-dados-pessoais-no-brasil/
https://defensoria.rj.def.br/noticia/detalhes/20437-DPRJ-e-Data-Privacy-levam-curso-de-Direitos-Digitais-para-as-favelas
https://web.karisma.org.co/vigilando-a-las-buenas-madres/
https://archive.org/details/let-us-imagine

Organizado por/ Organised by: Universidade Estadual da Paraíba
Moderado por / Moderated by: Cláudio Lucena, Universidade Estadual da Paraíba
Sizwe Snail, Nelson Mandela University; Clara Langevin, C4IR Brasil; Eduardo Magrani, PhD, Senior Consultant at CCA Law Firm, Affiliate at the Berkman Klein Center of Harvard University

Regulação inteligente, ágil, dinâmica e equilibrada em todas as áreas, e particularmente para o cenário de inovação e do ecossistema de convergência digital é um desafio geracional. Instrumentos, recursos e alternativas tradicionais que sempre estiveram disponíveis na caixa de ferramentas regulatórias das várias jurisdições pelo mundo simplesmente já não acomodam muitos dos novos fenômenos e realidades tecnológicas de nosso tempo. Regulamentar, moderar e manter a governança para tecnologias de ponta é um exercício complexo, sobre o qual muito já foi refletido, discutido e debatido. Apesar disso, desdobramentos práticos e alternativas concretas além do repertório convencional ainda precisam e envolvem muita experimentação. Esta sessão pretende mapear e apresentar algumas dessas novas iniciativas de regulamentação/governança, explorar como e em quais casos elas foram propostas ou usadas e compartilhar as lições aprendidas nos casos em que foram aplicadas em situações reais.

Referências:

• Open Loop – A Global Experimental Governance Program:https://openloop.org/
• Privacy Enhancing Technologies Sandbox – Singapore:https://www.pdpc.gov.sg/news-and-events/announcements/2022/07/launch-of-privacy-enhancing-technologies-sandbox

Organizado por / Organised by: Prado Vidigal Advogados
Moderado por / Moderated by: Carolina Giovanini, Prado Vidigal Advogados


Loren Spíndola (Associação Brasileira das Empresas de Software – ABES);Thiago Moraes (Coordenador de Inovação e Pesquisa e Encarregado de Dados da Autoridade Nacional de Proteção de Dados – ANPD);Frederico Boghossian Torres (Data Privacy Counsel no Mercado Livre)


Assim como ocorreu durante o desenvolvimento das legislações sobre proteção de dados, a gramática de avaliação de riscos passa a assumir um papel relevante na governança de sistemas de inteligência artificial, sendo acompanhada de rotinas e procedimentos internos. No contexto de desenvolvimento de instrumentos de governança para sistemas de IA, destaca-se a avaliação de impacto algorítmico, compreendida como uma ferramenta utilizada na identificação de possíveis consequências de uma determinada iniciativa sobre interesses socialmente relevantes. O painel proposto tem como objetivo suscitar o debate entre especialistas com diferentes bagagens e incentivar a discussão sobre tópicos como:

• Como controles de proteção de dados podem auxiliar no desenvolvimento de instrumentos de governança de IA (como a avaliação de impacto algorítimo)?
• Avaliação de impacto algorítimo e relatório de impacto à proteção de dados: quais são as semelhanças e diferenças entre esses instrumentos?
• Quando realizar avaliações de impacto algorítmico? Quais aspectos devem ser abordados em uma avaliação de impacto algorítmico?
• Accountability, transparência e preservação do segredo de negócio.

Referências:

ANDRADE, Norberto Nuno Gomes de; KONTSCHIEDER, Verena.AI impact assessment: a policy prototyping experimente.Open Loop, 2021, p. 30, 35-36 e 75-76. Relatório técnico. Disponível em:https://openloop.org/wp-content/uploads/2021/01/AI_Impact_ Assessment_A_Policy_Prototyping_Experiment.pdf.

JANSSEN, Heleen. Detecting new approaches for a fundamental rights impact assessment to automated decision-making.International Data Privacy Law, Oxford, v. 10, n. 1, p. 76-106, fevereiro 2020. Disponível em:https://doi.org/10.1093/idpl/ipz028.

MANTELERO, Alessandro. AI and Big Data: A blueprint for a human rights, social and ethical impact assessment. Computer Law & Security Review 34, 4 (Aug. 2018), 754–772.https://doi.org/10.1016/j.clsr.2018.05.017.

MANTELERO, Alessandro. Beyond Data: human rights, ethical and social impact assessment in AI.Berlim, Alemanha: Springer, 2022. Disponível em:https://link.springer.com/book/10.1007/978-94-6265-531-7.

METCALF, J., MOSS, E., WATKINS, E.A., SINGH, R., ELISH, M.C.: Algorithmic impact assessments and accountability: the co-construction of impacts. In: Proceedings of the 2021 ACM conference on fairness, accountability, and transparency. pp. 735–746. Association for Computing Machinery, New York, NY, USA (2021).https://doi.org/10.1145/3442188.3445935.

WIERINGA, Maranke. 2020. What to account for when accounting for algorithms: a systematic literature review on algorithmic accountability. In Proceedings of the 2020 Conference on Fairness, Accountability, and Transparency.ACM, Barcelona Spain, 1–18.https://doi.org/10.1145/3351095.3372833.

Organizado por/ Organised by: Nicolo Zingales, MyData Brasil
Moderado por / Moderated by: Nicolo Zingales, MyData Brasil
Carolina Banda, Max Planck Institutefor Innovation and Competition; Diogo Richter, CTS-FGV; Camila Leite, IDEC; Jenifer Rodriguez, Max Planck Institute for Competition and Innovation

This panel will focus on legal and policy questios related to the proposals currently discussed in Brazil and Europe regarding the opening up of health datas in different forms. In particular, it will discuss data protection challenges related to the effectiveness of portability with the permissioned sharing of one’s health data, the opening up of health plan coverage and aggregate data by health care providers, and its reuse by researchers. To that end, the panel will bring together scholars from health policy and data protection from the two jurisdictions to discuss the legal basis and the limits of these proposals, with a view to providing input into the ongoing policy debate.

Organizado por/ Organised by: Palma Guedes Advogados
Moderado por / Moderated by: Tatiana Campos Matos, Advogada, Palma Guedes Advogados
Fabricio Lopes, Coordenador-Geral de Fiscalização da ANPD; Antonio Hiunes, Regulatório das Organizações Globo

Organizado por/ Organised by: Autoridade Nacional de Proteção de Dados
Moderado por / Moderated by: Diego Carvalho Machado, ANPD
Jonathan Mendoza, Secretary for Data Protection, Mexican Data Protection Authority (INAI); Maria Badillo, Future of Privacy Forum; Laura Galindo Romero, META; Khaled El-Emam, University of Ottawa

For decades, data anonymization has played a key role in data protection regulations in the Latin American region (and globally), given the fundamental distinction between personal and non-personal data. Advances in computing power and data-driven technologies since the early 2000s have severely strained these legal regimes due to the challenges of practical implementation of anonymization frameworks. Despite this landscape and the growing number of robust de-anonymization techniques, data protection authorities must provide guidance and regulatory oversight to promote compliance among data processing actors. This panel aims to discuss regulatory models for addressing re-identification risks and best practices so that Latin American DPAs can best exercise their supervisory powers and protect the rights of data subjects.

The panelists will address the following questions:
a) Are risk-based models appropriate for conceiving data anonymization in today’s data-driven societies?
b) Can state-of-the-art anonymization techniques adequately deal with unstructured data?
c) What context-aware elements or features should a practical anonymization framework have for both private companies and public institutions?
d) Are there best practices that Latin American DPAs should consider in their regulatory guidance?

References:
Ten years after publishing their research paper “Robust Deanonymization of Large Sparse Datasets” (https://ieeexplore.ieee.org/document/4531148) in 2008, both Arvind Narayanan and Vitaly Shmatikov emphasize the endurance of the technical insight that inspired their work: “a small number of data points about an individual, none of which are uniquely identifying, are collectively equivalent to an identifier” (https://www.cs.princeton.edu/~arvindn/publications/de-anonymization-retrospective.pdf).
Although re-identification attacks have improved over time, data anonymization is still a building block of data protection regimes, and DPAs must fulfill their guidance and oversight mandates, such as the provision found in the Brazilian General Data Protection Regulation (LGPD), Article 12, § 3º. In a data-driven society, it is important to reflect on regulatory models and policymaking to address the challenges facing data anonymization frameworks.

Organizado por/ Organised by: Meta
Moderado por / Moderated by: Polina Zvyagina, Meta
Rumman Chowdhury, AI Fellow at the Berkman Klein Center; Diogo Cortiz, PUC SP / CEWEB; Iga Kozlowska, Meta; Jonathan Mendoza, INAI

Making AI more explainable is a cross-industry, cross-disciplinary dialogue. Companies, regulators, and academics are all testing ways of better communicating how AI works through various forms of guidance and frameworks that can empower everyday people with more AI knowledge. Because AI systems are complex, it is both important and challenging to develop documentation that consistently addresses people’s need for transparency and their desire for simplicity in such explanations. As such, data sheets, model cards, System Cards, and fact sheets have different audiences in mind. Providing a framework that is technically accurate, able to capture the nuance of how AI systems operate at Meta’s scale, and is easily digestible for everyday people using our technologies is a delicate balance, especially as we continue to push the state of the art in the field. At the panel, we propose to do a deep dive on System Cards, ask panelists what other AI Systems would benefit from System Cards and discuss transparency as a mechanism for accountability.

References:
System-Level Transparency of Machine Learning: https://ai.facebook.com/research/publications/system-level-transparency-of-machine-learning.

People-centric approaches to algorithmic explainability: https://www.ttclabs.net/report/people-centric-approaches-to-algorithmic-explainability.

AI Transparency & Explainability
(Singapore): https://openloop.org/wp-content/uploads/2022/07/AI_Transparency_&_Explainability_A_Policy_Prototyping_Experiment.pdf

Organizado por/ Organised by: Instituto Da Hora; InternetLab
Moderado por / Moderated by:Nina da Hora (Instituto da Hora)


Karina Menezes (UFBA), Alexandre Zago Boava (NTMTST)

Organizado por/ Organised by: Cedis/IDP & DataPrivacy Brasil

Moderado por / Moderated by: Diego Carvalho Machado, UFV/CEDIS-IDP

Johanna Monagreda, Data Privacy Brasil; Valeria Milanes,ADC; Ramon Costa, NIC.br e PUC-Rio; Paola Ricaurte, Escuela de Humanidades yEducación, del Tecnológico de Monterrey

In recent years, there has been a growing concern regarding the theoretical framework of vulnerability in the field of personal data protection. To address this concern, various observatories, including VULNERA, have emerged. This topic has also gained attention at international conferences such as CPDP Brussels. The main goal of this panel is to contextualize the discussion of vulnerability and its role in data protection law by examining concrete scenarios rooted in Latin American reality and experiences. By connecting different realities and contexts of Latin American countries and Europe, this panel aims to provide an overview of the multiple definitions of vulnerabilities and asymmetries and explore their relevance in the application of personal data protection rights.
In this sense, the panelists will address at least three questions:

1. Do data-driven technologies generate new vulnerabilities and/or increase already existing ones?
2. Are data subjects’ rights or other data protection instruments fit for purpose in this context?
3. Are there any regulatory approach or framework that Latin American jurisdictions can use to tackle data-driven power asymmetries and further protect vulnerable people’s fundamental rights?

In addition, we will profit from the audience’s participation with a Q&A session after the panelists’ presentations.

References:
Members of the Centro de Estudos em Direito, Internet e Sociedade (CEDIS-IDP) and Data Privacy Brasil (DPBR) are part of Vulnera’s Scientific Network (https://brusselsprivacyhub.com/vulnera/). Data Privacy Brasil has also been carrying out, for three years, projects with the Public Defenders of Rio de Janeiro, São Paulo and Bahia, having launched, in 2022, the book “Building paths to data justice in Brazil” (https://www.dataprivacybr.org/documentos/construindo-caminhos-para-a-justica-de-dados-no-brasil-o-papel-das-defensorias-publicas-na-protecao-de-dados-pessoais/?idProject=188) and the documentary “social justice in the era of data” (https://youtu.be/1q_mB8rAmck). The panel has as background the collaborations and discussions between members of the CEDIS-IDP and DPBR, especially in the context of scientific investigations on vulnerabilities and protection of personal data.

Organizado por/ Organised by: Nymtech
Moderado por / Moderated by: Daniel Vazquez, Nymtech
Daniel Vazquez, Nymtech; Jamila Venturini, Derechos Digitales; Rafael Zanatta, Data Privacy Brasil

The infrastructures that enable our digital lives are built with surveillance, not privacy, as the default. It is time to reverse that. Until now, the burden of solution has been placed on the individual: meaningless cookie consent forms and ineffective consumer choice. Privacy technologies are often too hard for ordinary people to use and the burden of decision and risk is placed on the individual who remains powerless in the face of global infrastructures. Mass surveillance is a collective form of surveillance, which therefore needs a collective solution. Even when the individual tries to opt out, other people’s data, the shared data-scapes of the rest of society, undermines the individuals privacy and anonymity. This panel will open a discussion of collective approaches to privacy, built into and enforced through privacy enhancing technologies. Real choice is only possible if privacy, not surveillance is the default of communications infrastructures.