SME ARC Conference – Croke Park May 11th
On May 11th, 2022, the DPC hosted a large scale in-person conference for SMEs in Croke Park, Dublin, in accordance with its commitments to the EU-funded ARC project. The structure of the day was based on the findings of the ARC Project survey (an earlier deliverable of the ARC Project), which had identified Legal Bases, Accountability, and Data Breach mitigations as areas of particular difficulty for Irish SMEs.
The goal of the conference was to give SMEs access to the type of expert legal and regulatory advice that they may not be in the financial position to acquire for themselves. Accordingly, panellists from the DPC were joined on the day by some of the top data protection legal
specialists currently operating in Ireland. Additionally, these participants were joined by members of the Compliance Institute (a representative body for SMEs in Ireland) and the DPO of Twitter and Chief Privacy Officer of Google, creating panels were well balanced, well informed and constantly focused on the challenges faced by SMEs.
A secondary goal of the conference was to create an environment where SMEs could engage in the peer-to-peer networking that has been denied them for the last two years due to the extreme Covid restrictions in Ireland. The DPC wanted to work towards mitigating the sense of isolation that many SMEs and DPOs have reported to us, when it comes to dealing with compliance challenges. It was important to the DPC and its stakeholders that the Conference be an in-person event, to facilitate the softer networking and relationship building that helps build a culture of compliance among regulated entities.
Adding value – planning the content
The driving principles of the conference were practicality and applicability: as organisers, we were very conscious that attendees would potentially have to sacrifice a day’s trading in order to attend the conference and therefore it was vital that they leave at the end of the day with usable knowledge and value added to their working practices. Extensive preparation work was done with panellists in advance of the event to ensure that the tone and examples being used were appropriate to an SME audience with comparatively limited knowledge of compliance practices. This included a strong emphasis on workshop style presentations that would walk attendees through the steps necessary to meet the threshold of accountability for their respective businesses.
Q&A sessions were also built into each panel, allowing the audience to ask for clarifications on specific points of compliance. Panellists were also very generous with their time during the coffee and lunch breaks, making themselves available for the follow-up questions that their sessions naturally generated.
Serving SMEs – the contents of the conference
In preparation for the conference, the DPC had liaised with the various SME representative bodies in Ireland to ensure we reached our target audience of small and medium enterprises. Invitations to the conference were initially issues through these representative bodies to their memberships, and members of these representative bodies were given two-weeks to pre-register their interest in attending. There was no admission fee charged to attend the event, but registration was required to secure a place. At the end of the two week pre-registration period, registration for the remaining balance of available seats was opened up to the public. Care was taken during the public registration phase to ensure that attendees continued to meet the SME parameters of the ARC project and enquiries received from multinational internet platforms and financial institutions were refused on the basis that they did not meet the criteria of the Conference. In the end, registrations to attend the conference reached 300 delegates, with 340 attending on the day itself (including a small amount of walk-ups).
The panel sessions on the day were extremely well received, with many compliments from the audience for the quality of the panel participants and a strong desire for future, similar events. The day’s proceedings were formally opened with brief addresses by Commissioner for Data Protection, Helen Dixon, and AZOP’s Deputy Director Igor Vulje. This was followed by a presentation of the key findings of the ARC Survey and outline of the conference objectives.
The rest of the day was broken into themed chunks, with the pre-lunch sessions focusing on accountability and legal-bases and the after lunch given over to breaches, risk identification and mitigation.