News Stream Books Videos Web Conferences Subscriptions Advertise About IAPP Publications
Daily Dashboard Daily Dashboard

The day’s top stories from around the world

 Privacy Perspectives Privacy Perspectives

Where the real conversations in privacy happen

 The Privacy Advisor The Privacy Advisor

Original reporting and feature articles on the latest privacy developments

 Privacy Tracker Privacy Tracker

Alerts and legal analysis of legislative trends

 Privacy Tech Privacy Tech

Exploring the technology of privacy

 Canada Dashboard Digest Canada Dashboard Digest

A roundup of the top Canadian privacy news

 Europe Data Protection Digest Europe Data Protection Digest

A roundup of the top European data protection news

 Asia-Pacific Dashboard Digest Asia-Pacific Dashboard Digest

A roundup of the top privacy news from the Asia-Pacific region

 Latin America Dashboard Digest Latin America Dashboard Digest

A roundup of the top privacy news from Latin America

 U.S. Privacy Digest U.S. Privacy Digest

A roundup of US privacy news
Overview KnowledgeNet Chapters Sections Affinity Groups Volunteer Annual Awards Member Directory Privacy List Career Central
Find a KnowledgeNet Chapter Near You

Talk privacy and network with local members at IAPP KnowledgeNet Chapter meetings, taking place worldwide.

 Virtual Networking

Connect with IAPP members around the globe without ever leaving your home. Find a Virtual Networking event today.

Join the Privacy List

Have ideas? Need advice? Subscribe to the Privacy List. It’s crowdsourcing, with an exceptional crowd.

 IAPP Job Board

Looking for a new challenge, or need to hire your next privacy pro? The IAPP Job Board is the answer.

 Member Directory

Locate and network with fellow privacy professionals using this peer-to-peer directory.

 IAPP Calendar

Review a filterable list of conferences, KnowledgeNets, LinkedIn Live broadcasts, networking events, web conferences and more.
Overview Online Training Live Online Training In-Person Training Books Sample Questions Train Your Staff Official Training Partners Web Conferences
European Data Protection (CIPP/E)

Understand Europe’s framework of laws, regulations and policies, most significantly the GDPR.

 U.S. Private-Sector Privacy (CIPP/US)

Steer a course through the interconnected web of federal and state laws governing U.S. data privacy.

 Canadian Privacy (CIPP/C)

Learn the intricacies of Canada’s distinctive federal/provincial/territorial data privacy governance systems.

 Privacy Program Management (CIPM)

Develop the skills to design, build and operate a comprehensive data protection program.

Privacy in Technology (CIPT)

Add to your tech knowledge with deep training in privacy-enhancing technologies and how to deploy them.

 CCPA Training

Gain the knowledge needed to address the widest-reaching consumer information privacy law in the U.S.

 GDPR Training

Learn the legal, operational and compliance requirements of the EU regulation and its global influence.

 Privacy Law Specialist Training (PLS)

Meet the stringent requirements to earn this American Bar Association-certified designation.
Overview Certification Programs Get Certified How to Prepare Continuing Privacy Education (CPE) Fees Certify Your Staff Verify a Certification
CIPP Certification CIPP Certification

The global standard for the go-to person for privacy laws, regulations and frameworks

 CIPM Certification CIPM Certification

The first and only privacy certification for professionals who manage day-to-day operations

 CIPT Certification CIPT Certification

As technology professionals take on greater privacy responsibilities, our updated certification is keeping pace with 50% new content covering the latest developments.

 FIP Designation FIP Designation

Recognizing the advanced knowledge and issue-spotting skills a privacy pro must attain in today’s complex world of data privacy.

 Privacy Law Specialist Privacy Law Specialist

The first title to verify you meet stringent requirements for knowledge, skill, proficiency and ethics in privacy law, and one of the ABA’s newest accredited specialties.

 CIPP/E + CIPM = GDPR Ready CIPP/E + CIPM = GDPR Ready

The IAPP’S CIPP/E and CIPM are the ANSI/ISO-accredited, industry-recognized combination for GDPR readiness. Learn more today.

 Certificação CDPO/BR Certificação CDPO/BR

Disponível em breve - Certificação para funções de DPO combinando a certificação CIPM com uma prova específica sobre LGPD.

 Certification CDPO/FR Certification CDPO/FR

Certification des compétences du DPO fondée sur la législation et règlementation française et européenne, agréée par la CNIL.
Tools and Trackers Research Glossary DPAs Enforcement Database Westin Research Center Web Conferences Jobs Privacy Vendor Marketplace
Privacy Vendor Marketplace Privacy Vendor Marketplace

Use the Vendor Demo Center, Privacy Vendor List and Privacy Tech Vendor Report to easily identify privacy products and services to support your work.
2021 IAPP Privacy Professionals Salary Survey

In this survey, privacy professionals can find where they stack up among their peers by job title, geographic region, industry, number of rungs away from the CEO and more.
US State Privacy Legislation Tracker

The IAPP’s US State Privacy Legislation Tracker consists of proposed and enacted comprehensive state privacy bills from across the U.S.
Reports and Surveys

Access all reports and surveys published by the IAPP.
White Papers

Access all white papers published by the IAPP.
Infographics

Access all infographics published by the IAPP.
CCPA and CPRA

IAPP members can get up-to-date information here on the California Consumer Privacy Act and the California Privacy Rights Act.
EU General Data Protection Regulation

The IAPP's EU General Data Protection Regulation page collects the guidance, analysis, tools and resources you need to make sure you're meeting your obligations.
CCPA and CPRA Genius

This tool helps IAPP members navigate the CCPA and CPRA by mapping legal requirements, while providing access to critical resources, analysis, compliance guidance and more.
GDPR Genius

This interactive tool provides IAPP members access to critical GDPR resources — all in one location.
Data Protection Intensive: Deutschland Data Protection Intensive: Deutschland

Join DACH-region data protection professionals in Munch for learning, sharing and networking. Presented in German.

 Asia Privacy Forum Online Asia Privacy Forum Online

World-class discussion and education on the top privacy issues in Asia Pacific and around the globe.

Privacy. Security. Risk. (P.S.R.) Privacy. Security. Risk. (P.S.R.)

P.S.R. offers the best of the best in privacy and security, with innovative cross-education and stellar networking.

 ANZ Summit ANZ Summit

Delivering world-class discussion and education on the top privacy issues in Australia, New Zealand and around the globe.

Europe Data Protection Congress Europe Data Protection Congress

The hub of European privacy policy debate, thought leadership and strategic thinking with data protection professionals.

 Global Privacy Summit Online 2021 Global Privacy Summit Online 2021

Access critical information and tactics you need to navigate privacy risks and regulations from anywhere with an internet connection.

 Canada Privacy Symposium Online 2021 Canada Privacy Symposium Online 2021

Get the latest updates on Canadian privacy laws plus policy and program insights from leading privacy pros at Canada’s premier privacy event. Free to IAPP members.

 Mark Your Calendar

Review upcoming IAPP conferences to see which need to be included in your schedule for the year ahead.

 Speak at an IAPP Event

View our open calls and submission instructions.

 Sponsor an Event

Increase visibility for your organization—check out sponsorship opportunities today.

Individual Membership Corporate Membership Group Membership Student Membership
Become a Member

Start taking advantage of the many IAPP member benefits today

 Corporate Members

See our list of high-profile corporate members—and find out why you should become one, too

 Renew Your Membership

Don’t miss out for a minute—continue accessing your benefits

 ANZ Members

Review current member benefits available to Australia and New Zealand members
{[product.name]} {[ product.name ]}
clear
mode_editEdit
remove_circle_outline {[ getCartItemQuantity(product.id) ]} add_circle_outline
{[ product.price | currencyFilter ]}
TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

United States Privacy Digest | Notes from the IAPP Publications Editor, January 5, 2018 Related reading: Sen. Wicker introduces federal US privacy bill

rss_feed

""

""

""

Greetings from snowy Portsmouth, NH!

We here at the IAPP managed to make it through Thursday's "bomb cyclone" relatively unscathed, but some of our neighbors on the immediate coast took on extremely high tides. The icy Atlantic Ocean made its way into several local businesses and homes here on the coast, reminiscent of the famous Blizzard of '78. Hopefully the clean up and repairs won't be too expensive and fingers crossed that such a thing won't happen for another 40 years. 

Though we're bundled up in what's been a frigid winter so far, we're getting warmed up for what will surely be a busy year in 2018. Of course, implementation of the GDPR is top of mind, but that's not the only thing on privacy pros' radars. Just before the holiday break, the publications team got together to review 2017 and talk about what's ahead in 2018 in the latest Privacy Advisor Podcast. We even set the record straight on proper cliches. 

Politico published a really good article this week on why, after the Equifax breach last year, Congress has not moved federal data breach notification legislation forward in the four months since one of the largest breaches in U.S. history. Like other major breaches before it, the fallout included "white-hot" bipartisan outrage, a series of contentious Congressional hearings, and a slew of legislative proposals. All for nought. So far. 

But there appears to be some movement behind the scenes. Of course, the devil is in the details. For many companies, navigating 48 separate state laws is cumbersome, time-consuming, and costly. Some state laws are more comprehensive than others, so how should a federal law preempt state laws, if at all? Plus, we're in a deregulatory phase right now, meaning Republicans likely won't want a law that would give more power to federal regulators. 

Industry verticals also play a role here. Many in the banking industry, according to the report, want their robust regulations applied to other industries, but the retail industry fears strong rules could hurt small businesses that don't collect as much sensitive data. It also appears that the telecommunications industry, already subject to industry-specific privacy rules, is pushing back. 

Sen. John Thune, who chairs the Senate Commerce Committee, said there is not yet "consensus among major stakeholders on data breach and data security legislation." But, according to Politico, there is optimism for 2018. Jason Kratovil, who serves as VP of government affairs for the Financial Services Roundtable, said, "there's a lot of energy being spent trying to get this one right and work toward a legislative outcome that isn't just a product of one committee or one committee's jurisdiction," but rather something that will have "a lot of support from many stakeholders." 

Will we see comprehensive federal data breach legislation in 2018? My guess is that we will not. I think there's a greater chance we'll see more massive data breaches, which may, indeed, prompt another round of "white-hot" bipartisan outrage. The question is, will there be a breach big enough to catalyze a federal law and get us out of this cycle?

Either way, privacy pros will be busy navigating those 48 state laws and ensuring their company stays off the front page of The Wall Street Journal. 

May your 2018 be breach free. 

Author
Headshot Jedidiah Bracy, CIPP/E, CIPP/US IAPP Staff Contributor
Tags
Financial
Government
Telecommunications
U.S.
Data Loss
Infosecurity
Privacy Law
Privacy Opinion
Comments

If you want to comment on this post, you need to login.

Related Stories
Sen. Wicker introduces federal US privacy bill
U.S. Sen. Roger Wicker, R-Miss., introduced a new federal privacy bill, The Wall Street Journal reports. The Setting an American Framework to Ensure Data Access, Transparency, and Accountability Act would require organizations to publish privacy notices, appoint privacy offices and give consumers da...
Read More queue Save This
EDPB adopts dispute resolution decision
During its latest plenary session, the European Data Protection Board adopted a dispute resolution decision in the Irish Data Protection Commission's case against WhatsApp Ireland. The EDPB sought to address the lack of consensus between the DPC and the concerned supervisory authorities that objecte...
Read More queue Save This
CNIL issues 400K euro GDPR fine over 'right to know'
France's data protection authority, the Commission nationale de l’informatique et des libertés, issued a 400,000 euro fine to U.S.-based biotechnology firm Monsanto Company for violating an individual's right to know under the EU General Data Protection Regulation. Monsanto allegedly held a file car...
Read More queue Save This
Facebook to restrict targeted ads for kids
Facebook announced plans to curtail targeted advertising capabilities to minors in the coming weeks. Targeting categories for children under 18 will be limited to age, gender and location, with Facebook noting advocates indicated young people "may not be well equipped" to make decisions on opting ou...
Read More queue Save This

""

Related Stories
Tags
Financial
Government
Telecommunications
U.S.
Data Loss
Infosecurity
Privacy Law
Privacy Opinion
Recent Comments