News Stream Books Videos Web Conferences Subscriptions Advertise About IAPP Publications
Daily Dashboard Daily Dashboard

The day’s top stories from around the world

 AI Governance Dashboard – New AI Governance Dashboard – New

Stay on top of the latest AI governance news and developments of the profession.

 The Privacy Advisor The Privacy Advisor

Original reporting and feature articles on the latest privacy developments

 Privacy Perspectives Privacy Perspectives

Where the real conversations in privacy happen

 Privacy Tech Privacy Tech

Exploring the technology of privacy

 Canada Dashboard Digest Canada Dashboard Digest

A roundup of the top Canadian privacy news

 Europe Data Protection Digest Europe Data Protection Digest

A roundup of the top European data protection news

 Asia-Pacific Dashboard Digest Asia-Pacific Dashboard Digest

A roundup of the top privacy news from the Asia-Pacific region

 Latin America Dashboard Digest Latin America Dashboard Digest

A roundup of the top privacy news from Latin America

 U.S. Privacy Digest U.S. Privacy Digest

A roundup of US privacy news
Overview KnowledgeNet Chapters Sections Affinity Groups Volunteer Annual Awards Career Central
Find a KnowledgeNet Chapter Near You

Talk privacy and network with local members at IAPP KnowledgeNet Chapter meetings, taking place worldwide.

 IAPP Job Board

Looking for a new challenge, or need to hire your next privacy pro? The IAPP Job Board is the answer.

 IAPP Calendar

Review a filterable list of conferences, KnowledgeNets, LinkedIn Live broadcasts, networking events, web conferences and more.
Overview Online Training Live Online Training In-Person Training Books Practice Exams Train Your Staff Official Training Partners Web Conferences
Artificial Intelligence Governance Professional Artificial Intelligence Governance Professional

Learn how to surround AI with policies and procedures that make the most of its potential by reducing its risks.

 European Data Protection (CIPP/E)

Understand Europe’s framework of laws, regulations and policies, most significantly the GDPR.

 U.S. Private-Sector Privacy (CIPP/US)

Steer a course through the interconnected web of federal and state laws governing U.S. data privacy.

 Canadian Privacy (CIPP/C)

Learn the intricacies of Canada’s distinctive federal/provincial/territorial data privacy governance systems.

 Privacy Program Management (CIPM)

Develop the skills to design, build and operate a comprehensive data protection program.

Privacy in Technology (CIPT)

Add to your tech knowledge with deep training in privacy-enhancing technologies and how to deploy them.

 Foundations of Privacy and Data Protection

Introductory training that builds organizations of professionals with working privacy knowledge.

 Privacy Law Specialist Training (PLS)

Meet the stringent requirements to earn this American Bar Association-certified designation.
Overview Certification Programs Get Certified How to Prepare Continuing Privacy Education (CPE) Fees Certify Your Staff Verify a Certification
CIPP Certification CIPP Certification

The global standard for the go-to person for privacy laws, regulations and frameworks

 CIPM Certification CIPM Certification

The first and only privacy certification for professionals who manage day-to-day operations

 CIPT Certification CIPT Certification

As technology professionals take on greater privacy responsibilities, our updated certification is keeping pace with 50% new content covering the latest developments.

 FIP Designation FIP Designation

Recognizing the advanced knowledge and issue-spotting skills a privacy pro must attain in today’s complex world of data privacy.

 Privacy Law Specialist Privacy Law Specialist

The first title to verify you meet stringent requirements for knowledge, skill, proficiency and ethics in privacy law, and one of the ABA’s newest accredited specialties.

 AIGP Certification AIGP Certification

Ensures individuals responsible for AI systems can reduce the risks associated with this technology.

 Certificação CDPO/BR Certificação CDPO/BR

Mostre seus conhecimentos na gestão do programa de privacidade e na legislação brasileira sobre privacidade.

 Certification CDPO/FR Certification CDPO/FR

Certification des compétences du DPO fondée sur la législation et règlementation française et européenne, agréée par la CNIL.
Tools and Trackers Research Glossary Global Privacy Directory Enforcement Database Westin Research Center Web Conferences Jobs Privacy Vendor Marketplace
Global Privacy Directory

This tool identifies global data protection authorities and privacy legislation.
US State Privacy Legislation Tracker

The IAPP’s US State Privacy Legislation Tracker consists of proposed and enacted comprehensive state privacy bills from across the U.S.
Reports and Surveys

Access all reports and surveys published by the IAPP.
Privacy Governance Report

This report shines a light on the location, performance and significance of privacy governance within organizations.
Privacy Risk Study

This year’s Privacy Risk Study represents the most comprehensive study of privacy risk undertaken by the IAPP in collaboration with KPMG.
Artificial Intelligence

On this topic page, you can find the IAPP’s collection of coverage, analysis and resources covering AI connections to the privacy space.
CCPA and CPRA

IAPP members can get up-to-date information here on the California Consumer Privacy Act and the California Privacy Rights Act.
EU General Data Protection Regulation

The IAPP's EU General Data Protection Regulation page collects the guidance, analysis, tools and resources you need to make sure you're meeting your obligations.
Data Protection Intensive: UK Data Protection Intensive: UK

Explore the full range of U.K. data protection issues, from global policy to daily operational details.

Global Privacy Summit Global Privacy Summit

Expand your network and expertise at the world’s top privacy event featuring A-list keynotes and high-profile experts.

AI Governance Global AI Governance Global

A new event in Brussels for business leaders, tech and privacy pros who work with AI to learn about practical AI governance, accountability, the EU AI Act and more.

 Canada Privacy Symposium Canada Privacy Symposium

Leaders from across the Canadian privacy field deliver insights, discuss trends, offer predictions and share best practices.

Asia Privacy Forum Asia Privacy Forum

Hear top experts discuss global privacy issues and regulations affecting business across Asia.

 Privacy. Security. Risk. (P.S.R.) Privacy. Security. Risk. (P.S.R.)

P.S.R. focuses on the intersection of privacy and technology. The call for proposals to speak at the 2024 event is open. Submit your ideas today.

 Europe Data Protection Congress Europe Data Protection Congress

Europe’s top experts offer pragmatic insights into the evolving landscape and share knowledge on best practices for your data protection operation.

 ANZ Summit ANZ Summit

Gain exclusive insights about how privacy affects business in Australia and Aotearoa New Zealand.

 Speak at an IAPP Event

View our open calls and submission instructions.

 Sponsor an Event

Increase visibility for your organization — check out sponsorship opportunities today.

Individual Membership Corporate Membership Group Membership Student Membership
Become a Member

Start taking advantage of the many IAPP member benefits today

 Corporate Members

See our list of high-profile corporate members—and find out why you should become one, too

 Renew Your Membership

Don’t miss out for a minute—continue accessing your benefits
{[product.name]} {[ product.name ]}
clear
mode_editEdit
remove_circle_outline {[ getCartItemQuantity(product.id) ]} add_circle_outline
{[ product.price | currencyFilter ]}
TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

The Privacy Advisor | Volunteer Spotlight: A conversation with Web Hull Related reading: Volunteer Spotlight: A conversation with Allen Brandt

rss_feed

In this Volunteer Spotlight, The Privacy Advisor caught up with Web Hull, CIPP/US, CIPP/G, and asked him to reflect on privacy developments and predict emerging trends. Having worked in the privacy space since 2000, he's has seen the growth of the field firsthand. He got his start as both a consultant and with the Global Privacy & Compliance Group at Iron Mountain. He's now lead information security privacy specialist at Houghton Mifflin Harcourt.

The Privacy Advisor: Having been involved with the IAPP since its inception, how would you describe the growth of the field?

Hull: Astronomic. Who would think that with a start of maybe 200 people at the first conference that it would grow to where it is today, with no end in sight. It’s phenomenal.

The Privacy Advisor: What do you see as emerging trends in privacy?

Hull: To start with, there will be more rules, laws and regulations that overlap to some degree. It’s not just state to state, but country to country and region to region. I expect a continual growth in specific rules, regulations and standards that might not all be in harmony – making a real challenge for people in a multi-country business to adapt, develop and comply. Additionally, I think there will be increasing pressure on companies that have a direct interface with customers to be more and more restrictive on how customer data is collected, shared, used, disclosed, and protected. This will be a real challenge for companies to not only operationalize, but to ensure they have a sustainable business model with increasing restrictions on the use of data. For vendors, I think you will an increasing and more finely detailed restrictions, controls, monitoring and reporting for evidence of compliance. Finally, I think this will be the year, or couple of years, where data flows down to fourth and fifth parties becomes heavily focused upon.

The Privacy Advisor: How do you think the U.S. will move forward with federal privacy legislation?

Hull: There is a history of continual proposals for federal legislation and we already have it for some sectoral regulation such as HIPAA, but my experience has been that action first takes place on the state level. After a couple of dozen or more states adopt overlapping or conflicting rules, the federal regulators and legislators will wake up to the need. I’m not sure we are at that point yet. There is emerging consumer pressure to do something, but I don’t yet see it as point where the federal government needs or is willing to step in. There will be pressure for it, and there will always be advocates in Congress for it, but I don’t see a lot of traction in the near-term.

The Privacy Advisor: What do you see as the top privacy needs from your clients?

Hull: Having been both a consultant and an in-house privacy officer, I think the top privacy need from clients has been this: How can I get into, stay in, and if, I’m really good, anticipate what I have to do continually be in compliance. A lot of times, the need comes from a reaction to something that might have happened, such as experiencing data loss or a new regulation. The question becomes, “What do I have to do operationally, in regard to my customers and my regulators, in order to be in compliance?” Privacy becomes a central component of the products that companies are offering to their customers. Sometimes it’s not seen as that, its seen as an add-on or a non-functional attribute, but the customer sees privacy as being core to the product. Companies need help to implement, articulate and communicate to their various customers.

The Privacy Advisor: What do you think has been the greatest privacy milestone so far?

Hull: I can’t say there is one milestone or even just a handful — instead, what you see is a greater understanding of what constitutes personal information and personal data and you see evolving ways to identify how it is used, how it flows through an organization, and how its protected. Nonetheless some of the key milestones domestically would be the Gramm Leach Bliley Act, the HIPAA Privacy and Security Rules, the Massachusetts Data Protection Act, and the Privacy Policy requirement. Internationally the GDPR is a major milestone for two reasons, for its micro approach to how data is collected and used, and for its extraterritorial extension. There are many more I could include but the greatest development has been the growing privacy awareness and the need for organizations to provide an operational solution to properly handle data.

The Privacy Advisor: What piece of advice would you give new professionals looking to enter the space?

Hull: First advice: Join IAPP. Attend KnowledgeNets and conferences, volunteer, get active. After that: Read. Read. Read. This discipline changes every single day. Find a way to stay current and look ahead. Finally: Develop a skill to operationalize, in a practical manner, privacy requirements.

 

Author
Headshot Molly Hulefeld Nonmember Contributor
Tags
Privacy Community
Comments

If you want to comment on this post, you need to login.

Related Stories
Volunteer Spotlight: A conversation with Allen Brandt
In this Volunteer Spotlight, The Privacy Advisor caught up with Allen Brandt, CIPP/E, CIPP/US, CIPM, FIP, and asked him to reflect on the past and current state of affairs in the privacy space. It's a space Brandt knows well, having worked in a number of sectors over his career. Now executive direct...
Read More queue Save This
Volunteer Spotlight: A conversation with ShanShan Pa
The Privacy Advisor recently caught up with ShanShan Pa, CIPP/US, CIPP/E, CIPM, FIP, head of privacy and compliance for U.S. and Europe at Alibaba Cloud. Speaking shortly after her return from the IAPP Asia Privacy Forum, Pa shared her thoughts on the summit, regulatory developments across the Asia-...
Read More queue Save This
Volunteer Spotlight: A conversation with Laura Vivet
The Privacy Advisor recently caught up with Laura Vivet, CIPP/US, CIPP/E, managing consultant with Navigant, where she focuses on global privacy programs and GDPR for multinational companies. Vivet shares her thoughts on different approaches to privacy, Brexit and what made her focus on privacy as a...
Read More queue Save This
Volunteer Spotlight: David Young
The Privacy Advisor recently caught up with David Young, Principal at David Young Law, a privacy and regulatory counsel practice in Toronto, Canada, where he focuses on regulatory law with an emphasis on privacy, security, product marketing, and organizational compliance. Young was a member of the I...
Read More queue Save This
Related Stories
Tags
Privacy Community
Recent Comments