close
News Stream Books Videos Web Conferences Subscriptions Advertise About IAPP Publications
Daily Dashboard Daily Dashboard

The day’s top stories from around the world

 Privacy Perspectives Privacy Perspectives

Where the real conversations in privacy happen

 The Privacy Advisor The Privacy Advisor

Original reporting and feature articles on the latest privacy developments

 Privacy Tracker Privacy Tracker

Alerts and legal analysis of legislative trends

 Privacy Tech Privacy Tech

Exploring the technology of privacy

 Canada Dashboard Digest Canada Dashboard Digest

A roundup of the top Canadian privacy news

 Europe Data Protection Digest Europe Data Protection Digest

A roundup of the top European data protection news

 Asia-Pacific Dashboard Digest Asia-Pacific Dashboard Digest

A roundup of the top privacy news from the Asia-Pacific region

 Latin America Dashboard Digest Latin America Dashboard Digest

A roundup of the top privacy news from Latin America

 U.S. Privacy Digest U.S. Privacy Digest

A roundup of US privacy news
Overview Communities Networking Volunteer Privacy After Hours Privacy List Membership Directory Career Central
IAPP Communities

Meet locally with privacy pros, dive deep into specialized topics or connect over common interests. Find your Community in KnowledgeNet Chapters, Sections and Affinity Groups.
Join the Privacy List

Have ideas? Need advice? Subscribe to the Privacy List. It’s crowdsourcing, with an exceptional crowd.

 Find a KnowledgeNet Chapter Near You

Talk privacy and network with local members at IAPP KnowledgeNet Chapter meetings, taking place worldwide.

 IAPP Job Board

Looking for a new challenge, or need to hire your next privacy pro? The IAPP Job Board is the answer.

 Call for Volunteers Now Open!

Apply for Advisory Board Leader and KnowledgeNet Chapter Chair positions by October 12. (IAPP membership required for leadership positions. Join today!)
Privacy Training Classes Privacy Core Awareness GDPR Training Sample Questions Books Web Conferences Faculty Resource Center Train Your Staff Conferences
Find a Privacy Training Class

Two-day privacy training classes are held around the world. See the complete schedule now.

 Upcoming Web Conferences

See our list of upcoming web conferences. Just log on, listen in and learn!

 Train Your Team

Get your team up to speed on privacy by bringing IAPP training to your organization.

 GDPR Added to the Privacy Core® e-learning Library

Another high-demand topic added to our Data Protection Awareness curriculum: "The GDPR: A Practical Overview."

 Online Privacy Training

Build your knowledge. The privacy know-how you need is just a click away.

 Training Product Updates—Get Them Here!

Training online? See the latest updates to our online training programs and our newest textbooks.

 Let’s Get You GDPR Ready Let’s Get You GDPR Ready

May 25 was not the end—it’s just the beginning. We have all the resources you need to meet the challenges of the GDPR.

New! - The Privacy Imperative

View this three-video series featuring global privacy leaders as they discuss the importance of creating a culture of privacy
Overview Certification Programs Get Certified How to Prepare Continuing Privacy Education (CPE) Fees Certify Your Staff Verify a Certification
CIPP Certification CIPP Certification

The global standard for the go-to person for privacy laws, regulations and frameworks

 CIPM Certification CIPM Certification

The first and only privacy certification for professionals who manage day-to-day operations

 CIPT Certification CIPT Certification

The industry benchmark for IT professionals worldwide to validate their knowledge of privacy requirements

 FIP Designation FIP Designation

Recognizing the advanced knowledge and issue-spotting skills a privacy pro must attain in today’s complex world of data privacy.

 Privacy Law Specialist Privacy Law Specialist

The first title to verify you meet stringent requirements for knowledge, skill, proficiency and ethics in privacy law, and one of the ABA’s newest accredited specialties.

 CIPP/E + CIPM = GDPR Ready CIPP/E + CIPM = GDPR Ready

The IAPP’S CIPP/E and CIPM are the ANSI/ISO-accredited, industry-recognized combination for GDPR readiness. Learn more today.
Tools Research Glossary DPAs FTC Casebook IAPP Westin Research Center Jobs Vendors
New to privacy? Click here.

Articles and tools to help you get a basic understanding of the job of the privacy pro and data protection laws and practices around the globe.
Heard of the new California Consumer Privacy Act?

Get up-to-date on the latest in the IAPP Resource Center.
Join the Privacy List

Have ideas? Need advice? Subscribe to the Privacy List. It’s crowdsourcing, with an exceptional crowd.
The 2018 Privacy Tech Vendor Report

We've updated the Privacy Tech Vendor Report highlighting companies offering privacy technology solutions and insight on market trends from industry leaders.
Privacy. Security. Risk. (P.S.R.) Privacy. Security. Risk. (P.S.R.)

P.S.R. offers the best of the best in privacy and security, with innovative cross-education and stellar networking.

 IAPP Europe Data Protection Congress IAPP Europe Data Protection Congress

The hub of European privacy policy debate, thought leadership and strategic thinking with data protection professionals.

 IAPP Global Privacy Summit IAPP Global Privacy Summit

The world’s top privacy conference. Whether you work in the public or private sector, anywhere in the world, the Summit is your can't-miss event.

 IAPP Data Protection Intensive: UK IAPP Data Protection Intensive: UK

Registration for the 2019 London event opens in November. Sign up for notifications to get the registration date.

IAPP Canada Privacy Symposium IAPP Canada Privacy Symposium

Share your ideas at Canada's top forum of privacy policy and practice. The 2019 call for proposals is open!

 IAPP Asia Privacy Forum IAPP Asia Privacy Forum

World-class discussion and education on the top privacy issues in Asia Pacific and around the globe.

IAPP Data Protection Intensive: Deutschland IAPP Data Protection Intensive: Deutschland

Concentrated learning, sharing, and networking with all sessions delivered in parallel tracks—one in English, the other in German.

 Mark Your Calendar

Future conference dates? We've got them! Get updates here.

 Past Conferences

Access past event schedules and view available presentations.

 Speak at an IAPP Event

View our open calls and submission instructions.
Individual Membership Corporate Membership Group Membership Student Membership
Become a Member

Start taking advantage of the many IAPP member benefits today

 Corporate Members

See our list of high-profile corporate members—and find out why you should become one, too

 Renew Your Membership

Don’t miss out for a minute—continue accessing your benefits
{[product.name]} {[ product.name ]}
clear
mode_editEdit
remove_circle_outline {[ getCartItemQuantity(product.id) ]} add_circle_outline
{[ product.price | currencyFilter ]}
TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

United States Privacy Digest | Notes from the IAPP Publications Editor, January 5, 2018 Related reading: Manjoo: Moving on from ad-centric models has benefits, risks

rss_feed
PrivacyTraining_ad300x250.Promo1-01
PSR18_Web_300x250-COPY

""

""

Greetings from snowy Portsmouth, NH!

We here at the IAPP managed to make it through Thursday's "bomb cyclone" relatively unscathed, but some of our neighbors on the immediate coast took on extremely high tides. The icy Atlantic Ocean made its way into several local businesses and homes here on the coast, reminiscent of the famous Blizzard of '78. Hopefully the clean up and repairs won't be too expensive and fingers crossed that such a thing won't happen for another 40 years. 

Though we're bundled up in what's been a frigid winter so far, we're getting warmed up for what will surely be a busy year in 2018. Of course, implementation of the GDPR is top of mind, but that's not the only thing on privacy pros' radars. Just before the holiday break, the publications team got together to review 2017 and talk about what's ahead in 2018 in the latest Privacy Advisor Podcast. We even set the record straight on proper cliches. 

Politico published a really good article this week on why, after the Equifax breach last year, Congress has not moved federal data breach notification legislation forward in the four months since one of the largest breaches in U.S. history. Like other major breaches before it, the fallout included "white-hot" bipartisan outrage, a series of contentious Congressional hearings, and a slew of legislative proposals. All for nought. So far. 

But there appears to be some movement behind the scenes. Of course, the devil is in the details. For many companies, navigating 48 separate state laws is cumbersome, time-consuming, and costly. Some state laws are more comprehensive than others, so how should a federal law preempt state laws, if at all? Plus, we're in a deregulatory phase right now, meaning Republicans likely won't want a law that would give more power to federal regulators. 

Industry verticals also play a role here. Many in the banking industry, according to the report, want their robust regulations applied to other industries, but the retail industry fears strong rules could hurt small businesses that don't collect as much sensitive data. It also appears that the telecommunications industry, already subject to industry-specific privacy rules, is pushing back. 

Sen. John Thune, who chairs the Senate Commerce Committee, said there is not yet "consensus among major stakeholders on data breach and data security legislation." But, according to Politico, there is optimism for 2018. Jason Kratovil, who serves as VP of government affairs for the Financial Services Roundtable, said, "there's a lot of energy being spent trying to get this one right and work toward a legislative outcome that isn't just a product of one committee or one committee's jurisdiction," but rather something that will have "a lot of support from many stakeholders." 

Will we see comprehensive federal data breach legislation in 2018? My guess is that we will not. I think there's a greater chance we'll see more massive data breaches, which may, indeed, prompt another round of "white-hot" bipartisan outrage. The question is, will there be a breach big enough to catalyze a federal law and get us out of this cycle?

Either way, privacy pros will be busy navigating those 48 state laws and ensuring their company stays off the front page of The Wall Street Journal. 

May your 2018 be breach free. 

Author
Jedidiah Bracy, CIPP/E, CIPP/US
Tags
Financial
Government
Telecommunications
U.S.
Data Loss
Infosecurity
Privacy Law
Privacy Opinion
Comments

If you want to comment on this post, you need to login.

Related Stories
NIST launches development of a privacy framework
On Tuesday, the U.S. National Institute of Standards and Technology initiated its process for the development of a privacy framework to a room full of privacy professionals here in Austin, Texas. The first in a series of public workshops, officials from NIST described the framework as a "voluntary e...
Read More queue Save This
IAPP updates the Privacy Tech Vendor Report
The IAPP has released the "Q4" version of its Privacy Tech Vendor Report. When the IAPP first released its initial version of the report at the beginning of 2017, it contained fewer than 50 companies. Since then, the report has grown to become the de facto resource for privacy professionals looking ...
Read More queue Save This

""

Related Stories
Tags
Financial
Government
Telecommunications
U.S.
Data Loss
Infosecurity
Privacy Law
Privacy Opinion
Recent Comments