BigID_Ldbd_ROS_GDPR_blue
OneTrust_Leaderboard_Banner_ROS_728x90_01_19
BNA_21569 BLW ACC 2016 AHLA Survey and Guidance Report BAN 728x90_Ldbd
S17_Banner_300x250-COPY
PLF2015_AD-01
DPI17_Web_300x250-COPY

(Feb 23, 2017) With the EU General Data Protection Regulation just around the corner, companies managing risk and working with big data applications have much work to do to mitigate any compliance gaps. A recent IAPP-hosted web conference explored these issues, and based on interactions with a number of companies and regulators following the event, Anonos CEO Gary LaFever has mapped out the varying stages of adjustment companies have been making for GDPR readiness. In this post for Privacy Perspectives, LaFever details these five stages, ranging from the first stage, "awareness," to the final stage, "ensuring continuity of operations," to help companies that control and process data find a solution. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Web con: Knowing and Implementing the GDPR, Part 1

(Feb 23, 2017) Spanning hundreds of sections, and with vast territorial scope, the EU General Data Protection Regulation is the most important privacy regulation the world has seen in decades. It asks a great deal of organizations all over the world that collect and process data about European individuals. It imposes hefty fines on those who fail to comply. In this three-part series, the IAPP examines the GDPR’s mandates and delivers insights into creating a compliance program designed to stand the test of time. In part 1, IAPP Vice President of Privacy Research and Education Omer Tene and Hogan Lovells Partner Eduardo Ustaran, CIPP/E, offer a rundown on the history of data protection law in the EU, including background on the Data Protection Directive, in order to understand the important new concepts and definitions in the GDPR. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Ohlhausen: Immigration executive order will not affect Privacy Shield

(Feb 23, 2017) Federal Trade Commission Acting Chairman Maureen Ohlhausen said her agency’s enforcement of the EU-U.S. Privacy Shield agreement will not be affected by President Donald Trump’s executive order on immigration, Morning Consult reports. “We will continue to enforce the Privacy Shield protections, and we hope we will move ahead as planned,” Ohlhausen said. “In my opinion, nothing has changed.” Ohlhausen noted the executive order only references the Privacy Act and does not affect the FTC’s mandate ... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Help crowdsource mobile privacy risk

(Feb 23, 2017) In collaboration with Kryptowire, the IAPP is building a crowd-sourced risk-scanning tool for mobile applications. The tool will allow privacy professionals to scan the code of an app being created by their organizations to flag potential privacy issues that might need to be mitigated or mentioned in a privacy notice. First, however, we need to assess how much risk privacy professionals perceive in actions taken by mobile applications, from accessing contacts to turning on a microphone. Thus, we... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

IAPP's Hughes on the future of privacy at RSA

(Feb 22, 2017) During last week's RSA Conference in San Francisco, California, IAPP President & CEO J. Trevor Hughes, CIPP, gave a featured presentation on the history and future of privacy. "I want to share with you how central privacy is to the human condition and how important privacy is to those fundamental human rights that we all hold so dear," he said during his opening remarks. In addition to charting out the future of privacy, Hughes uses art as a vehicle because, by doing so, "it opens up your ability to understand the complexity of this issue," he said. Starting with the apple first eaten by Adam and Eve all the way through to the modern tech giant, Apple, and its privacy battle with the FBI, Hughes lays out a nuanced way of understanding the complex and changing notions of privacy in society.  Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

What makes a great DPA?

(Feb 22, 2017) The global population of privacy and data protection regulators is understandably diverse. Some data protection agencies are still in their infancy, established by brand-new laws. Others have robust histories of enforcement and deep, experienced staffs. But what makes a regulatory agency effective? Is it experience, approach, philosophy, the law that creates it? Such are the questions explored in a new report authored by the U.S. Chamber of Commerce and Hunton & Williams, "Seeking Solutions: Attributes of Effective Data Protection Authorities." The 40-page white paper identifies seven key traits that effective DPAs share and offers examples of how those traits play out in the real world.  Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

RSA presentation: The New Technological Approach to Privacy

(Feb 22, 2017) For years a place of policy and law, privacy is entering its next evolutionary phase, with technological approaches and solutions. In order to operationalize privacy, and help it work side by side with cybersecurity, organizations need frameworks and tools that allow for controls and automation. These are under rapid development. Further, privacy understanding is working its way deeper into the cybersecurity community and efforts to protect personal information are now infused with an understand... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

PSR call for presentations deadline approaching

(Feb 21, 2017) In just three years, the IAPP's Privacy. Security. Risk. conference, happening this October in San Diego, California, has become a truly unique opportunity for privacy and security professionals to get together and find common understanding. By combining privacy and security operations management, we are able to focus on those policy areas where the critical conversations happen and provide information that both teams can use to do their jobs better. Want in? Our P.S.R. call for presentations ends Feb. 26. Make sure to get your proposal in, whether you're focusing on privacy, security, or both.  Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Roundup: South Africa, EU, US and more

(Feb 21, 2017) The South African Information Regulator had its first briefing on the country's Protection of Personal Information Act; Australian companies have a year to come into compliance with the country’s new breach notification law; Japan’s Act on Protection of Personal Information comes into force at the end of May; and the EU ePrivacy Regulation proposal continues to be debated and analyzed. In the U.S., lawmakers have introduced the Geolocation Privacy and Surveillance Act, designed to create rules for when agencies can track and access a citizen's geolocation data, and privacy advocates are concerned about potential rollback of Federal Communications Commission's broadband privacy rules. Read about all this and more in this week’s Privacy Tracker legislative roundup. (IAPP member login required.) Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

WP29 releases Privacy Shield rules of procedure and complaint form

(Feb 21, 2017) The Article 29 Working Party has released two forms related to the EU-U.S. Privacy Shield agreement. The rules of procedure for the "Informal Panel of EU DPAs" provides a road map for handling complaints under Shield. "The panel is competent for providing binding advice to the US organisations following unresolved complaints from individuals about the handling of personal information that has been transferred from" the EU under Shield. According to the document, the panel will attempt to provide... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest