Day One: Privacy Standards for Organisations

Join BSI experts for two focused webinars that dive into the latest international privacy standards, frameworks, and practical applications. Each session offers actionable insights, real world examples, and the opportunity to engage directly with specialists through live Q&As.

  • Wednesday, 22 October 2025 | 10:00 – 11:05 (BST)
  • Location: Online

This webinar will guide you through the most influential standards driving privacy practices across industries, including practical guidance on privacy in cloud environments and addressing privacy in AI systems and ML models.

Overview:

The world of privacy standards is fast evolving , from cloud computing to AI-driven systems. This session brings together BSI and ISO experts to explore how updated international standards can strengthen your organisation's privacy frameworks, integrate seamlessly with your Information Security Management System (ISMS), and drive responsible innovation.

Gain insights into the recently revised ISO/IEC 27701:2025 from its Lead ISO Project editor, hear updates to foundational privacy standards ISO/IEC 29100 and ISO/IEC 29151 from the Chairperson of BSI’s national committee on Cybersecurity, and learn the latest on brand new ISO/IEC 27018:2025 for protecting personal data in the cloud from a renowned privacy expert and committee member. The session ends with a live panel Q&A led by Joy Tan, offering the chance to ask the experts about your privacy challenges.

You'll learn how to:

  • Upgrade your Privacy Information Management System (PIMS) with the latest ISO/IEC 27701:2025 requirements and guidance
  • Apply foundational privacy controls to strengthen your data protection framework
  • Protect personal data in public cloud environments using ISO/IEC 27018:2025

Agenda

10:00 — Welcome and introduction: How key privacy standards fit together — Joy Tan
10:05 — What's new in ISO/IEC 27701: Upgrading your Privacy Information Management System — Alan Shipman
10:20 — Foundations & controls: ISO/IEC 29100 (privacy framework) and ISO/IEC 29151 (PII processing controls) — Bridget Kenyon
10:35 — What's new in ISO/IEC 27018: Protecting personal data in public cloud —Ardi Kolah
10:50 — Q&A and audience questions — Panel
11:05 — Closing remarks — Joy Tan

Register for the Privacy Standards for Organisations Webinar here

Day Two: Protecting Consumers in a Digital Age

  • Thursday, 23 October 2025 | 10:00 – 11:25 (BST)
  • Location: Online

As consumers increasingly live, work, and interact online, safeguarding their rights and personal information is critical. This webinar explores how privacy‑by‑design and advanced assurance frameworks support safer digital environments.

Agenda

10:00 — Welcome & introduction: Privacy for consumers  — Delme Stephenson
10:05 — ISO/IEC 275661-1: Age assurance for online safety  — Tony Allen
10:20 — ISO/IEC 27091: AI  and privacy: model governance and assurance — Milan Patel
10:35 — Zero-knowledge proofs for privacy: implementing ISO/IEC 27565 — Patrick Curry
10:50 — ISO/IEC 29184: Online privacy notices and consent — Colin Wallis
11:05 — Privacy by Design in products and services: ISO/IEC 31700-1 and ISO/IEC TR 31700-2 — Michelle Chibba & Rae Dulmage
11:20— Q&A and audience questions — Panel
11:25— Closing remarks & next steps — Delme Stephenson 

Register for the Protecting Consumers in a Digital Age Webinar here

Who should attend?

  • Privacy officers, compliance managers, and data protection leaders.
  • Risk, governance, and digital trust professionals.
  • Consumer protection advocates and online safety specialists.
  • Technology leaders integrating privacy by design into their systems.

The Speakers:

Sebastiaan Van Dort
Alan Shipman
Alan chairs the BSI Identity Management and Privacy Technologies sub-committee (IST/33/5), which is part of the Information Security committee (IST/33).  This sub-committee is responsible for developing the UK view on a number of ISO/IEC and CEN/CENELEC projects dealing with identity and privacy matters.  Alan acted as editor for the British Standard (BS 10012:2014) which is a specification for a management system which enables organisations to demonstrate compliance with data protection legislation, including the European General Data Protection Regulation (GDPR).
Tia Magrath
Milan Patel
Milan is part of the standards team at Microsoft. He actively engages in international standardization related to cybersecurity and artificial intelligence. He also chairs the committee for AI at the British Standards Institution and has an active history in technical standardization in numerous ICT related standardization organizations.
Tasha Lyth
Ardi Kolah
Ardi Kolah LL.M, FIP, CIPM, CIPP/E is an experienced Global Data Protection Officer with senior leadership across aviation, legal, education, financial services, and technology. He has served as DPO at Hitachi Consulting, Dentons, Bright Horizons, Cohen Veterans Bioscience and Manchester Airports Group, leading global privacy programmes, managing teams and budgets, and embedding privacy by design across complex organisations. At Hitachi, he was responsible for achieving the UK’s first certification to BS 10012:2017/ISO 27701, setting a benchmark for privacy and information governance. 
Gruffudd Jones
Colin Wallis
Over his 21 years in the digital verification and privacy domains, Colin has amassed a treasure-trove of knowledge on comparative digital identity policy and practice across the globe, 18 of those contributing to international standards and consortia – IEEE, ISO, ITU-T, ToIP, as well as national mirror groups. His early career in FMCG helped his switch to ICT in the late ‘80’s with leading roles in both the private, public and NGO sectors, more recently as Executive Director of non-profit industry associations Kantara Initiative and Digital Identity NZ.
Martin Baxter
Michelle Chibba
Ms. Chibba is Convenor for ISO JTC1 SC44 WG1 and a member of the Chair Advisory Committee (CAG). She was Project Editor to the ISO Committee (PC317) for the international standard on Privacy by Design for Consumer Products, ISO 31700-1:2023. She is also involved in early development work in AI and privacy guidance, digital twins, and model-based software/systems engineering for privacy.  Recently, she led a successful certification process for ISO27001 – Information Security Management System. Ms. Chibba brings unique insights into implementing Privacy by Design that come from her early involvement in the privacy regulatory space and extensive involvement with a wide range of corporate initiatives requiring a Privacy by Design lens.
Martin Baxter
Rae Dulmage
Rae Dulmage has had a long, varied and distinguished 35+ year career in Standardization.   He holds leading roles in standards development in Canada and at ISO.   Currently, he is the chair of the Canadian Mirror Committees to, ISO/IEC JTC1 SC 44 (Consumer Protection -Privacy by Design), ISO COPOLCO (Committee on Consumer Policy and ISO/TC 314 (Ageing Societies) as well as the International Chair of ISO/TC 145 (Graphical Symbols) and ISO/TC 145/SC 1(Public Information Symbols and Systems). Rae holds a Bachelor of Commerce degree from Carleton University, Ottawa, Canada.
Martin Baxter
Joy Tan
Joy leads a team in the strategic development and implementation of national, European and international standards across Digital technologies. With over a decade of experience in standards and compliance, she plays a critical role in fostering collaboration between industry, government and civil society to develop relevant, progressive standards that align with emerging technologies and policy priorities. She is particularly passionate and focused on the value of standards in shaping trusted systems for AI and Quantum technologies whilst ensuring best practices in cybersecurity and data interoperability keep pace. 
Martin Baxter
Delme Stephenson
Delme Stephenson is the Lead Standards Development Manager (Digital) at BSI, overseeing UK and international portfolios across cybersecurity, information security and privacy technologies, immersive technologies and IT governance. With over 11 years at BSI, he leads key committees and partnerships with government, industry, and academia to deliver standards that strengthen digital trust and resilience. A former production editor at SAGE Publications, he holds degrees from the University of Leeds and Goldsmiths, University of London. Delme specialises in turning innovation and policy into practical, measurable standards that deliver real-world value.
Martin Baxter
Tony Allen
Tony Allen is Executive Director of the Age Check Certification Scheme (ACCS), a UKAS-accredited body recognised by the ICO for assessing age verification, age estimation and age assurance technologies. A Chartered Trading Standards Practitioner with 30+ years’ experience, he is the Lead Editor of ISO/IEC 27566-1 (Age Assurance Systems - Framework) and Panel Chairperson for BSI IST/33/5/5 (Age Assurance Standards). Tony’s expertise covers compliance, certification and the practical deployment of age checks, from test purchasing to AI-based solutions and age-appropriate design. 
Martin Baxter
Bridget Kenyon
Bridget Kenyon is Global CISO at Verian Group and Chair of BSI IST/33. A standards leader on the ISO editing team since 2006, she served as lead editor for ISO/IEC 27001:2022 and ISO/IEC 27014:2020. Her career includes CISO at SSCL, Head of Information Security at UCL, and work as a PCI DSS QSA. Bridget is a Fellow of CIISec, sits on the (ISC)² UK Advisory Council, and was named in SC Magazine’s Top 50 Women of Influence (2019). She champions pragmatic, business-aligned security.