Bring Your Own Device (BYOD) programs reportedly result in increased employee productivity and job satisfaction, but they also bring privacy and security challenges such as unauthorized access and loss or theft of the device. Luckily, both technical and policy solutions exist to help organizations combat these issues, and lots of industry guidance. This practice guide from the IAPP’s Westin Research Center offers an overview of BYOD, the trends associated with it and the laws that may affect you... Read more
Recently, the Payment Cards Industry Security Standards Council (PCI SSC) published a three-page guide titled Responding to a Data Breach that articulates its position on the correct response to a security incident at a merchant location where the attack exposed cardholder data. This guidance comes at an opportune time as security incidents continue to make headlines, cost organizations significant sums of money and demonstrate the parlous state of most organizations' ability to detect and respo... Read more
The Obama administration, together with leaders of the Asia-Pacific Economic Cooperation (APEC), is singling out the APEC-EU privacy interoperability project as a key initiative to prioritize helping the economies in the region. The project, points out TRUSTe’s Joshua Harris, “is working to establish mechanisms to facilitate a company’s simultaneous participation in the Cross Border Privacy Rules and Binding Corporate Rules systems,” adding, “The goal of this dual-certification approach is to st... Read more
The Federal Communications Commission (FCC), reports The Washington Post, has hired Jonathan Mayer, known for everything from his work on the Do Not Track working group to his identification of “zombie cookies.” Perhaps most notably, Mayer was the one who, in 2012, identified the way Google was bypassing Safari’s do-not-track mechanism to drop cookies, a practice that later resulted in sanctions from the Federal Trade Commission and lawsuits in the EU. He will serve as the FCC’s “technical lead ... Read more
In most of the recent corporate scandals brands’ top managers have taken heat for, including Ashley Madison and Whole Foods, “none of the dubious activities could have happened without the active participation of technical teams,” writes Kaiser Fung for Harvard Business Review. And that’s a problem that business managers are missing. “The people who collect, store, manage and process our data are not being held to any ethical standards,” Fung writes. A solution? To have every technical and data ... Read more
Network and talk privacy at IAPP KnowledgeNet meetings, taking place worldwide.
Events, volunteer opportunities and more designed to help you give and get career support and expand your network.
Looking for a new challenge, or need to hire your next privacy pro? The IAPP Job Board is the answer.
Two-day privacy training classes are held around the world. See the complete schedule now.
Subscribe now to get the latest alerts on training opportunities around the world.
See our list of upcoming web conferences. Just log on, listen in and learn!
The global standard for the go-to person for privacy laws, regulations and frameworks
The first and only privacy certification for professionals who manage day-to-day operations
The industry benchmark for IT professionals worldwide to validate their knowledge of privacy requirements
Looking for tools and info on a hot topic? Our close-up pages organize it for you in one easy-to-find place.
Our interactive DPA locator helps you find data protection authorities and summary of law by country.
New! Intensive two-day GDPR training led by the sharpest minds in the field. It's a can't-miss event.
The IAPP Europe Data Protection Congress 2015 is cancelled. Click through to learn more.
Increase visibility for your organization—check out sponsorship opportunities today.