DPO Confessional

Like many privacy lawyers, I came to the field from an intellectual property law practice. Property rights are inherently territorial, so holding a patent or trademark in one country does not provide enforcement rights in another; one must register anew in each territory of interest.  This is a bit...

At a ceremony this morning at the Summit, Henriette “Jetty” Tielemans, co-chair of Covington & Burling’s global privacy and data security practice, was awarded the IAPP’s Privacy Vanguard Award by IAPP President and CEO Trevor Hughes, CIPP. As founder of Covington’s Brussels office in 1990, Tiel...

Law students at American law schools take property, torts, and contracts during their first year. It is difficult not to view consumer privacy interests through one or more of those lenses, particularly when U.S. consumer privacy law has been based on a notice and consent, enforced by principles of ...

IAPP Research Director and DPO Rita Heimes, CIPP/E, CIPP/US, CIPM, discusses the challenges of responding to subject access requests and offers a step-by-step look into her process in this DPO Confessional post....

This week, the IAPP posted a new privacy statement. We encourage our members not only to read it so they can better understand what personal information the IAPP collects and how it’s processed, but also to provide feedback, comments and suggestions on what might be missing or how it can be improved...

Privacy professionals have been involving themselves in their organizations’ vendor management programs for a few years now. Indeed, according to the 2016 IAPP-EY Privacy Governance Survey, 70 percent of respondents (up from 63 percent in 2015) were involved in a formal vendor management program — a...

In June of this year, I started an internship at the IAPP as the University of Maine School of Law’s inaugural Privacy Fellow. My goal was to spend the summer helping the IAPP’s Data Protection Officer, Rita Heimes, CIPP/US, CIPM, work toward IAPP compliance with the upcoming General Data Protection...

In this DPO Confessional post, IAPP Research Director and DPO Rita Heimes, CIPP/E, CIPP/US, CIPM, looks at how the IAPP has approached the data inventory and mapping step toward GDPR compliance....

Privacy and data protection issues do not present themselves in any particular order, so when starting out as a data protection officer, one has to be able to address the most pressing privacy issues “on the fly” while simultaneously moving methodically through a GDPR-readiness program. For the IAP...