Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Past Events

Select a button to browse archived events by year.
2023 20222021 2020 2019 2018 2017 2016


Data Analytics for Small Businesses: How to Manage Privacy Risks

May 4, 2023 | 3:00 AM – 3:45 PM ET | Virtual 

  • Meghan Anderson, Privacy Risk Strategist, Privacy Engineering Program, NIST
  • Dylan Gilbert, Privacy Policy Advisor, Privacy Engineering Program, NIST

Data analytics are being promoted as a method to help small businesses increase innovation, enhance customer experience, save money, and improve their brand. If your small business is using data analytics—whether in-house or relying on a service provider to do it for you—it is important to be aware of the privacy implications of these activities.

This event took place during National Small Business Week and was an interactive discussion about how to manage privacy risks associated with data analytics.

During the webinar, the speakers covered:

  • A brief introduction to data analytics
  • Common privacy risks that arise from data analytics practices
  • Tips to help you meet your privacy objectives
  • Resources for enhancing privacy risk management within your small business

Event Page

IAPP Global Privacy Summit 2023

April 3, 2023 | 9:00 AM – 9:30 AM ET | In-person | Washington, D.C.

Privacy Engineering Section Forum

Opening Keynote: Naomi Lefkovitz, Senior Privacy Policy Advisor Manager, Privacy Engineering, NIST


April 4, 2023 | 2:30 PM – 3:45 PM ET | In-person | Washington, D.C.

A Practitioner's Guide to Managing and Mitigating the Privacy Risks of AI

  • Katharina Koerner, CIPP/US, Principal Researcher, Technology, IAPP

  • Naomi LefkovitzSenior Privacy Policy Advisor, Program Manager, Privacy Engineering, NIST

  • Oliver Patel, CIPP/E, Enterprise AI Governance Lead, AstraZeneca

Organizations use AI and machine learning to inform decisions and automate processes, like medical diagnosis. There are significant privacy risks, because vast amounts of sensitive data are often processed and more data usually means better performing AI. This session explores state-of-the-art privacy engineering techniques which practitioners can employ to mitigate the risks of AI systems, promote data minimization and ensure AI is privacy-preserving by design. For example, differential privacy can prevent an algorithm’s output from revealing information about its training data, whereas federated learning reduces data breach risk by distributing the training of an AI model across different servers. Machine learning models can also be hosted on user devices, and the number of data-points which algorithms evaluate can be reduced, minimizing data sharing and processing. Additional anonymization and pseudonymization techniques will be discussed. However, there are tradeoffs between safeguarding privacy and implementing wider responsible AI principles, like explainability and transparency.

Attendees will learn: 

  • An overview of the main privacy risks of AI and how these can be managed, minimized and monitored.
  • Introduction to state-of-the-art privacy engineering techniques which can be used to develop AI which is privacy-preserving. 
  • Key tradeoffs between promoting responsible AI and safeguarding privacy


Event Page


Privacy-Enhancing Technology Summit North America

May 18, 2022 | 9:30 AM – 10:15 AM ET | In-person

KEYNOTE ADDRESS: International Perspectives on Privacy-Enhancing Technologies: Potential, Policies & Prizes

  • Naomi Lefkovitz, Senior Privacy Policy Advisor, National Institute for Standards and Technology (NIST)
  • Erwin Gianchandani, Senior Advisor for Translation, Innovation, and Partnerships, National Science Foundation

Emerging PETs have the potential to unlock trustworthy data-driven innovation across sectors. However, there remain barriers to their adoption, including a lack of awareness, understanding, and expertise of these technologies and how to embed them in good organizational practice. In this session, hear from the US & UK government agencies on how they are helping to drive the maturity of privacy-enhancing technologies.

Attendees learned about:

  • The innovation prize challenges focused on advancing privacy-enhancing technologies.
  • What the key use cases and adoption trends are for PETs and the different implementation challenges that vary across jurisdictions.
  • How countries are using PETs to drive responsible innovation for the public good, for example, to drive research into Covid-19 interventions.
  • The role of PETs in supporting data protection regimes such as GDPR.
  • The role PETs could play in enabling trustworthy partnerships between the public and private sectors and among international partners.

Event Page

Demystifying the Privacy Engineer at the Consumer Financial Protection Bureau (CFPB) (Federal Employees and Contractors only)

April 21, 2022 | 12:00 PM – 1:00 PM ET | Virtual

  • Naomi Lefkovitz, National Institute for Standards and Technology (NIST) Senior Privacy Policy Advisor
  • Tannaz Haddadi, CFPB Chief Privacy Officer (CPO) & Senior Agency Official for Privacy (SAOP)
  • Hank Roser, CFPB Privacy Engineer
  • Michael Griffin, CFPB Senior Security Engineer

Please join CFPB and NIST for a discussion around privacy engineering, defining privacy engineering practices, and how this role supports enhanced privacy protections in systems and services. NIST will provide insight into the opportunities for privacy engineering within the federal government and how NIST is helping other organizations operationalize privacy engineering as a field. CFPB will provide an overview of how it is integrating privacy engineering within the organization and how it encourages security and privacy engineering collaboration through the implementation of NIST guidance.

Please note: This event is open to all federal employees and contractors (with supervisory/COR approval). This is a closed press event.

Event Page

IAPP Global Privacy Summit 2022

April 13, 2022 | 8:00 AM – 9:00 AM ET | In-person

How to Think About Privacy-enhancing Technologies 

Privacy-enhancing technologies like secure multiparty computation, homomorphic encryption, federated learning, differential privacy, secure enclaves, zero-knowledge proof or synthetic data are increasingly maturing and becoming relevant in practice. They promise to support the data economy by facilitating collaborative information-sharing and data utility while mitigating privacy and security risks by embedding privacy by design throughout the data life cycle or focusing on de-identification or anonymization of personal data. Regulators and standardization bodies too are focusing on the opportunities PETs present. This panel will an give an overview of privacy enhancing technologies from a technical and legal perspective. It will bring together leading engineers and researchers with legal and policy professionals as well as early adopters, sharing their expertise about those new technologies.

What you will learn:

  • A basic understanding of the most promising privacy enhancing technologies.
  • How to think of privacy enhancing technologies from a legal perspective.
  • Examples of use cases where privacy enhancing technologies support privacy preserving data sharing, transfers and collaboration.
  • What questions to ask to assess if privacy enhancing technologies could be beneficial for your company.

April 12, 2022 | 4:15 PM – 5:15 PM ET | In-person

What is "Privacy Risk?" Three Modern Methods for Risk Assessment 

  • R. Jason Cronk, CIPP/US, CIPM, CIPT, FIP, Privacy Engineer, Author, Enterprivacy Consulting Group
  • Nakia GraysonIT Security Specialist, NIST
  • Janelle Hsia, CIPP/E, CIPP/US, CIPM, CIPT, President, Privacy SWAN Consulting
  • Laurens SionPostdoctoral Researcher, KU Leuven

GDPR and the NIST Privacy Framework call for a risk-based approach to privacy. But what is "privacy risk?" Many privacy risk models are home-grown or insufficiently arbitrary and subjective. In this session, Janelle Hsia plays the role of a client seeking expert advice on the risks of her company's new service. Three experts will analyze the privacy risks using three modern privacy models: FAIR Privacy from the IAPP textbook “Strategic Privacy by Design,” NIST's Privacy Risk Assessment Methodology, and KU Leuven's Privacy Risk Assessment for Data-Subject Aware Threat Modeling. The client will then review, compare and contrast the different results.

What you will learn:

  • A conceptual understanding of privacy risks.
  • The similarity in factors in different risk models contributing to privacy risks.
  • How to apply a privacy risk model to a scenario. 

Event Page


Privacy + Security Forum Spring Academy 2021

NIST Privacy Framework IRL: the Rubber Meets the Road

May 25, 2021 | 3:30 – 4:30 PM ET | Virtual

Dylan Gilbert

The NIST Privacy Framework is a voluntary tool designed to help organizations identify and manage privacy risk to build innovative products and services while protecting individuals’ privacy. Organizations have picked up and put it into practice since its January release. Now it’s time to check in with these early adopters and hear straight from the source how and why they’ve operationalized it. Attendees heard about implementation use cases, challenges and successes, and adoption tips.

Event Page

Data Privacy Day: A Look at the NIST Privacy Framework 1.0

Celebrate Data Privacy Day One Day Early to Help You Stay One Step Ahead

Hosted by Armanino

January 27, 2021 | 2:00 – 3:00 PM ET | Virtual

Dylan Gilbert

NIST joined Hyperproof experts to present how to utilize the NIST privacy framework and relevant privacy expertise for efficient implementation of your privacy program globally by using appropriate technology to facilitate and speed up this process.

Event Page


Granular or Holistic Approach? Enforcing Privacy Rights in Complex ICT Ecosystems

January 27, 2021 | Virtual

Naomi Lefkovitz

Event Page


Federal Computer Security Managers' (FCSM) Forum: October 2020 1/2 Day Meeting

October 28, 2020 | Virtual 


The Federal Computer Security Program Managers (FCSM) Forum is an informal group sponsored by the National Institute of Standards and Technology (NIST) to promote the sharing of information system security information among federal, State, and Higher Education employees. The Forum maintains an extensive e-mail list and holds quarterly meetings to discuss current issues and items of interest to those responsible for protecting non-national security systems. Visit the event page for more information and the agenda for the October meeting.

Event Page

The Federal 100 Winner Showcase: Cyber 

October 1, 2020 | Virtual 

Naomi Lefkovitz

Event Page


Help Wanted: Growing a Workforce for Managing Privacy Risk 

Hosted by the International Association of Privacy Professionals 
September 22-24, 2020 | Virtual 

On September 22-24, 2020, the International Association of Privacy Professionals (IAPP) hosted a virtual workshop on the development of a workforce capable of managing privacy risk. NIST joined the IAPP to lead working sessions where stakeholders can share feedback on the roles, tasks, knowledge, and skills that are necessary to achieve the Privacy Framework’s outcomes and activities. NIST will use this feedback to inform the development of a privacy workforce taxonomy.  

Event Page

VIRTUAL EVENT: What’s New in Draft NIST Special Publication 800-53, Revision 5, Security and Privacy Controls for Information Systems and Organizations

April 8, 2020 | 2:00 - 3:30 PM ET | Webcast

Naomi Lefkovitz

Event Page


IAPP Privacy. Security. Risk 2019

September 23, 2019 | 3:45 - 5:15 PM PT | Las Vegas, NV

Privacy Engineering Section Forum - NIST  Privacy Engineering Collaboration Space - Kaitlin Boeckl

Event Page

2019 USENIX Conference on Privacy Engineering Practice and Respect (PEPR)

August 12, 2019 | 10:15 - 10:30 AM ET | Santa Clara, CA

Explore NIST's Privacy Engineering Collaboration Space - Kaitlin Boeckl

Event Page

Global Privacy Summit 2019

May 3, 2019 | 9:30 - 10:30 AM ET | Washington, DC

The Security & Privacy Bunch, AKA “NIST RMF 2.0” - Naomi Lefkovitz & Victoria Pilliterri

Event Page

RSA Conference 2019 Expo

March 4-7, 2019 | San Francisco, California | Moscone Center South Expo Hall

NIST Privacy Engineering Collaboration Space Demo @ NIST Booth #2367, South Expo Hall
Tuesday, March 5 at 2:00 PM
Wednesday, March 6 at 3:00 PM

Explored NIST’s new Privacy Engineering Collaboration Space through a demo at NIST's RSA Conference 2019 booth (#2367) in the South Expo Hall! The Privacy Engineering Collaboration Space is an online venue open to the public where practitioners can discover, share, discuss, and improve upon open source tools, solutions, and processes that support privacy engineering and risk management. At this demo, individuals were able to see the range of de-identification and privacy risk management tools in the space, and learn how to contribute your own.

Event Page

NIST Risk Management Framework Webcast: A Flexible Methodology to Manage Information Security and Privacy Risk

February 28, 2019, 1 - 3 PM ET | Webcast

Naomi Lefkovitz

Event Page


IAPP Privacy. Security. Risk 2018

October 17-19, 2018 | Austin, TX

Managing Risk for the Internet of Things - Naomi Lefkovitz, Ellen Nadeau & Katerina Megas
Managing Privacy Risk Using the Risk  Management Framework (RMF) - Ellen Nadeau

Event Page

Privacy + Security Forum

October 4, 2018, 4 - 5 PM ET | Washington, DC

Managing Risk for the Internet of Things - Naomi Lefkovitz & Katie Boeckl

Event Page

Internet of Things Global Summit

October 4, 2018 | Washington, DC

A Trusted Connected World of Things: A focus on the role of a transatlantic dialogue to set IoT privacy and security principles - Naomi Lefkovitz

Event Page

Considerations for Managing IoT Cybersecurity and Privacy Risks Workshop

Hosted by the NIST
July 11, 2018 | Gaithersburg, MD

This workshop will help the program through the development of the Cybersecurity for IoT Program and Privacy Engineering Program’s publication on an introduction to managing IoT cybersecurity and privacy risk for federal systems. This will include work to date identifying typical differences in cybersecurity and privacy risk for IoT systems versus traditional IT systems, considerations for selecting and using technical controls to mitigate IoT cybersecurity and privacy risk, and basic cybersecurity and privacy controls for manufacturers to consider providing in their IoT products. A pre-read document has been posted to help guide conversation.

  Pre-Read Document Event Website

FIDO Alliance Member Plenary

May 22 - May 24, 2018 | Amsterdam, Netherlands

Ellen Nadeau attended.

Event Website

Assessing Privacy Controls Workshop

Hosted by the NIST
May 18, 2018, 9 AM - 12:30 PM | Gaithersburg, MD

As part of an ongoing series of workshops on privacy engineering and risk management, NIST hosted a public workshop on May 18th in Gaithersburg, Maryland. NIST is seeking feedback from stakeholders on how to incorporate privacy, for the first time, into the upcoming revision of NIST Special Publication 800-53A, Assessing Security and Privacy Controls in Federal Information Systems, the companion guidance for NIST Special Publication 800-53, Security and Privacy Controls for Federal Information Systems. NIST is interested in learning about privacy practitioners’ current procedures for assessing privacy controls, lessons learned, and challenges in order to develop appropriate guidance. You may send feedback regarding the upcoming revision of NIST SP 800-53A to privacyeng [at] (privacyeng[at]nist[dot]gov), and sign up for NIST’s Privacy Engineering Program email updates to receive future announcements.

  Workshop Summary Event Website

RSA Conference

April 17, 2018, 2:15 PM - 3 PM | San Francisco, CA
Nobody Puts Privacy in a Corner: Privacy in Enterprise Risk Management - Naomi Lefkovitz

Event Website

Internet of Things (IoT) Roundtable

Hosted by the NIST Privacy Engineering Program
March 29, 2018, 2 - 4 PM | Washington, DC

Slides  Event Website

Privacy Engineering Section Forum 2018

March 29, 2017 | Washington, DC
The Researchers’ View: Privacy Engineering on the Bleeding Edge - Naomi Lefkovitz

Event Website

IAPP Global Privacy Summit Active Learning Day

March 26, 2018 | Washington, DC
Meeting Challenges of Privacy, Security & GDPR Compliance in the Cloud - Naomi Lefkovitz & Ellen Nadeau
Managing Privacy Risk - Naomi Lefkovitz & Ellen Nadeau

Event Website

Strategies in Light

February 14, 2018 | Long Beach, California
Privacy and Security  - Ellen Nadeau

Event Website

CPDP 2018

January 28, 2018 | Brussels, Belgium
Privacy Engineering: Lingua Franca for Transatlantic Privacy - Naomi Lefkovitz



ISO SC 27 Meeting

October 29 – November 4, 2017 | Berlin, Germany
Working Group 1 participation - Naomi Lefkovitz & Ellen Nadeau

IAPP Privacy. Security. Risk.

October 16, 2017 | San Diego, California
Security and Privacy Engineering: It’s Not a Zero-Sum Game - Ellen Nadeau

Event Website

Privacy + Security Forum

October 4-6, 2017 | Washington, D.C.
Managing Privacy Risk in the Federal Government - Naomi Lefkovitz and Ellen Nadeau

Federal Identity Conference

September 12, 2017 | Washington, D.C.
Practical Application of Privacy and Civil Liberties - Naomi Lefkovitz

Event Website

Privacy Risk Assessment: A Prerequisite for Privacy Risk Management


Hosted by the NIST Privacy Engineering Program
June 5, 2017 | Gaithersburg, Maryland


Video Slides Event Website  


K(NO)W Identity Conference


May 15, 2017 | Washington, D.C.
Unlocking Value Through Attributes - Naomi Lefkovitz




National Association of Attorneys General regional meeting


April 5, 2017 | Charlottesville, Virginia
Challenges of the Internet of Things - Naomi Lefkovitz


Slides Event Website


Biometrics Institute DC Conference


March 28, 2017 | Washington, D.C.
Perceptions of Privacy - Ellen Nadeau


RSA Conference


February 16, 2017 | San Francisco, California
Privacy Enhancing Technologies Work: But Can Anyone Use Them? - Naomi Lefkovitz




Federal Cybersecurity Managers’ Forum


February 14, 2017 | Gaithersburg, Maryland
Privacy Engineering at NIST - Ellen Nadeau






Privacy Controls Workshop: Next Steps for NIST Special Publication 800-53, Appendix J


Hosted by the NIST Privacy Engineering Program
September 8, 2016 | Washington, D.C.


Event Website


NIST Workshop “Exploring the Dimensions of Trustworthiness”


Hosted by the NIST Privacy Engineering Program
August 30, 2016 |  Gaithersburg, Maryland




Upcoming Events


Created August 3, 2017, Updated May 9, 2023