BNA_21569 BLW ACC 2016 AHLA Survey and Guidance Report BAN 728x90_Ldbd

(Feb 23, 2017) Just because the Citizens United in Action-led mock Hong Kong chief executive ballot will go live once more doesn't mean users shouldn't participate with caution, Alex Lo writes in an op-ed for the South China Morning Post. The group suspended the poll after Privacy Commissioner Stephen Kai-yi Wong raised data collection and privacy concerns, Lo reports. There are still questions of how the group will use, store and protect the data gathered from the poll, and how long it will store the informat... Read More

Asia-Pacific Dashboard Digest

Pilgrim won't appeal federal court ruling on Telstra case

(Feb 23, 2017) Privacy Commissioner Timothy Pilgrim will not appeal the Federal Court of Australia's decision regarding the Administrative Appeals Tribunal's "limiting the ‘metadata’ Telstra is compelled to hand over to an individual if that individual requests access to it," Computerworld reports. Pilgrim had originally appealed a ruling in the case of reporter Ben Grubb and his attempts to access his Telstra-held metadata. Telstra said it would provide only some of the requested information and brought the c... Read More

Asia-Pacific Dashboard Digest, Privacy Bar Section

Student union president awarded $18,000 after letter leaked

(Feb 23, 2017) New Zealand's Human Rights Review Tribunal has awarded $18,000 to a student union president after her vice president leaked a private letter to the university's student magazine, reports. "The letter, which reprimanded the president for failing to meet several of her role's key performance objectives, was published as part of a story about dysfunction with the union," the report states. The president filed a complaint with the Office of the Privacy Commissioner, which, after an in... Read More

Asia-Pacific Dashboard Digest, Privacy Bar Section

On the five big data stages of adjustment to the GDPR

(Feb 23, 2017) With the EU General Data Protection Regulation just around the corner, companies managing risk and working with big data applications have much work to do to mitigate any compliance gaps. A recent IAPP-hosted web conference explored these issues, and based on interactions with a number of companies and regulators following the event, Anonos CEO Gary LaFever has mapped out the varying stages of adjustment companies have been making for GDPR readiness. In this post for Privacy Perspectives, LaFever details these five stages, ranging from the first stage, "awareness," to the final stage, "ensuring continuity of operations," to help companies that control and process data find a solution. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Web con: Knowing and Implementing the GDPR, Part 1

(Feb 23, 2017) Spanning hundreds of sections, and with vast territorial scope, the EU General Data Protection Regulation is the most important privacy regulation the world has seen in decades. It asks a great deal of organizations all over the world that collect and process data about European individuals. It imposes hefty fines on those who fail to comply. In this three-part series, the IAPP examines the GDPR’s mandates and delivers insights into creating a compliance program designed to stand the test of time. In part 1, IAPP Vice President of Privacy Research and Education Omer Tene and Hogan Lovells Partner Eduardo Ustaran, CIPP/E, offer a rundown on the history of data protection law in the EU, including background on the Data Protection Directive, in order to understand the important new concepts and definitions in the GDPR. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Ohlhausen: Immigration executive order will not affect Privacy Shield

(Feb 23, 2017) Federal Trade Commission Acting Chairman Maureen Ohlhausen said her agency’s enforcement of the EU-U.S. Privacy Shield agreement will not be affected by President Donald Trump’s executive order on immigration, Morning Consult reports. “We will continue to enforce the Privacy Shield protections, and we hope we will move ahead as planned,” Ohlhausen said. “In my opinion, nothing has changed.” Ohlhausen noted the executive order only references the Privacy Act and does not affect the FTC’s mandate ... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Help crowdsource mobile privacy risk

(Feb 23, 2017) In collaboration with Kryptowire, the IAPP is building a crowd-sourced risk-scanning tool for mobile applications. The tool will allow privacy professionals to scan the code of an app being created by their organizations to flag potential privacy issues that might need to be mitigated or mentioned in a privacy notice. First, however, we need to assess how much risk privacy professionals perceive in actions taken by mobile applications, from accessing contacts to turning on a microphone. Thus, we... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

IAPP's Hughes on the future of privacy at RSA

(Feb 22, 2017) During last week's RSA Conference in San Francisco, California, IAPP President & CEO J. Trevor Hughes, CIPP, gave a featured presentation on the history and future of privacy. "I want to share with you how central privacy is to the human condition and how important privacy is to those fundamental human rights that we all hold so dear," he said during his opening remarks. In addition to charting out the future of privacy, Hughes uses art as a vehicle because, by doing so, "it opens up your ability to understand the complexity of this issue," he said. Starting with the apple first eaten by Adam and Eve all the way through to the modern tech giant, Apple, and its privacy battle with the FBI, Hughes lays out a nuanced way of understanding the complex and changing notions of privacy in society.  Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

What makes a great DPA?

(Feb 22, 2017) The global population of privacy and data protection regulators is understandably diverse. Some data protection agencies are still in their infancy, established by brand-new laws. Others have robust histories of enforcement and deep, experienced staffs. But what makes a regulatory agency effective? Is it experience, approach, philosophy, the law that creates it? Such are the questions explored in a new report authored by the U.S. Chamber of Commerce and Hunton & Williams, "Seeking Solutions: Attributes of Effective Data Protection Authorities." The 40-page white paper identifies seven key traits that effective DPAs share and offers examples of how those traits play out in the real world.  Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

India to share world’s largest biometric database with tech firms

(Feb 22, 2017) The Wall Street Journal reports on India’s efforts to create the world’s largest biometric identity database and share that data with tech companies. The initiative, known as “India Stack,” is designed to standardize the exchange of digital data to help tech firms, health care providers, and app developers transfer official documents to help citizens get jobs, make financial transactions, and access government services, but the database has caught the eye of privacy advocates. “It’s the worst time for privacy policy in the country,” said Centre for Internet and Privacy Executive Director Sunil Abraham. “We are very caught up in technological exuberance. Techno-utopians are ruling the roost.” (Registration may be required to access this story.)  Read More

Asia-Pacific Dashboard Digest, Daily Dashboard