nic001To many outside the Privacy Industry the term "Privacy by Design" may have been little more than a buzzword. How times have changed. In our evolving digital economy compromising of Internet of Things technologies, which enable always on, always present , always collecting eco -systems has seen privacy, and in particular privacy by design, become a hot industry topic. With the emergence of Smart Building, Smart Cities and even Smart People, individual and societal privacy protection is not only of legal and regulatory significance but has become a key imperative within the community itself.

“Where the use of tech involves personal data, security is a necessary condition for ensuring privacy... but, on its own, it is not sufficient.”


Nicole Stephensen Executive Director (Privacy & Data Protection) @ IoT Security Institute will be speaking at this year's AISA 2019 event. Nicole's work at the IoTSI addressing Privacy and DP challenges within smart cities, smart technology eco-systems should draw considerable interest and attention. The publication of the IoTSI Smart Cities and Critical Infrastructure Framework, released earlier this year, has proven the catalyst to bring these smart technology challenges and opportunities to a broad global audience. No longer on the periphery of industry discussions Security and Privacy by Design are at the front and centre of cyber safe government, enterprise and community expectations.


Nicole Stephensen is Principal Consultant at Ground Up Consulting, a boutique firm she established in 2011. There, she provides capacity building and privacy by design services across government, private and not for profit sectors. Nicole is also the Executive Director for Privacy and Data Protection at the Internet of Things Security Institute (a pro bono position). She is co-author of the IoTSI Security Framework for Smart Cities and Critical Infrastructure and hosts a bi-weekly podcast, Privacy Matters

privacytmattersradio host Nicole

In her nearly 20 years in the privacy profession, Nicole notably provided comprehensive drafting instructions on the structure, content and   policy imperatives for Queensland’s first privacy law, the Information Privacy Act 2009. This law replaced the State’s previous administrative   privacy regime which, from 2005-2007, Nicole had responsibility for implementing at a whole-of-government level. She began her career in   Canada, with roles in privacy, freedom of information and information policy.

 Nicole is a member of the International Association of Privacy Professionals (IAPP), and hosts the IAPP’s KnowledgeNet Chapter for   Queensland. Prior to its incorporation into the larger IAPP in 2019, Nicole was also a member of the International Association of Privacy   Professionals ANZ Chapter (iappANZ) where she sat for three consecutive terms on the Board. Nicole additionally volunteers her time to:   the international peer-review panel for the Secure Controls Framework (SCF), a US-based high-level  privacy- and security-by-design   framework created by industry experts and offered under creative commons; and, the Advisory Board for the Joe Alhadeff Digital Policy   Centre (currently being constructed on Prince Edward Island, Canada), which is focused on issues of digital policy affecting children and   young people, such as cyber-bullying, image based abuse and child exploitation.