BNA_21569 BLW ACC 2016 AHLA Survey and Guidance Report BAN 728x90_Ldbd
OneTrust_Leaderboard_Banner_ROS_728x90_01_19
BigID_Ldbd_ROS_GDPR_blue
S17_Banner_300x250-COPY
DPI17_Web_300x250-COPY
IAPP_Salary-Survey_300x250_FINAL

(Feb 23, 2017) Greetings from Brussels! An interesting report was released this week by the U.S. Chamber of Commerce and law firm Hunton & Williams, looking at the qualities of an effective privacy regulator. Chief amongst their findings is that regulators ought to be good communicators, both seeking feedback from their regulated communities and working collaboratively to understand technological innovation. We saw this play out in real time this week, as the WP29 has made inquiries into Microsoft’s pr... Read More

Europe Data Protection Digest

ICO investigates London home as part of illegal customer data access probe

(Feb 23, 2017) The U.K. Information Commissioner’s Office searched a London home as part of an investigation into the illegal access of customer information. The Nationwide Accident Repairs Services told the ICO one of its computer systems had been illicitly accessed to view car repair estimates, which contain personal data. The ICO believes this breach resulted in the unlawful trading of citizens’ data and could be linked to a string of nuisance calls. “Our experience shows that unscrupulous people access per... Read More

Europe Data Protection Digest

On the five big data stages of adjustment to the GDPR

(Feb 23, 2017) With the EU General Data Protection Regulation just around the corner, companies managing risk and working with big data applications have much work to do to mitigate any compliance gaps. A recent IAPP-hosted web conference explored these issues, and based on interactions with a number of companies and regulators following the event, Anonos CEO Gary LaFever has mapped out the varying stages of adjustment companies have been making for GDPR readiness. In this post for Privacy Perspectives, LaFever details these five stages, ranging from the first stage, "awareness," to the final stage, "ensuring continuity of operations," to help companies that control and process data find a solution. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Web con: Knowing and Implementing the GDPR, Part 1

(Feb 23, 2017) Spanning hundreds of sections, and with vast territorial scope, the EU General Data Protection Regulation is the most important privacy regulation the world has seen in decades. It asks a great deal of organizations all over the world that collect and process data about European individuals. It imposes hefty fines on those who fail to comply. In this three-part series, the IAPP examines the GDPR’s mandates and delivers insights into creating a compliance program designed to stand the test of time. In part 1, IAPP Vice President of Privacy Research and Education Omer Tene and Hogan Lovells Partner Eduardo Ustaran, CIPP/E, offer a rundown on the history of data protection law in the EU, including background on the Data Protection Directive, in order to understand the important new concepts and definitions in the GDPR. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Ohlhausen: Immigration executive order will not affect Privacy Shield

(Feb 23, 2017) Federal Trade Commission Acting Chairman Maureen Ohlhausen said her agency’s enforcement of the EU-U.S. Privacy Shield agreement will not be affected by President Donald Trump’s executive order on immigration, Morning Consult reports. “We will continue to enforce the Privacy Shield protections, and we hope we will move ahead as planned,” Ohlhausen said. “In my opinion, nothing has changed.” Ohlhausen noted the executive order only references the Privacy Act and does not affect the FTC’s mandate ... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Study: Two-thirds of companies risk noncompliance with GDPR

(Feb 23, 2017) A Compuware-commissioned Vanson Bourne survey has found that two thirds of global companies risk noncompliance with the General Data Protection Regulation, including 52 percent of U.S. companies without a European presence but with European customers in their databases, InformationWeek reports. Lack of compliance puts these companies in danger of considerable fines. "Data management and compliance professionals need to mobilize now because, given the scope of the changes necessary, May 2018 isn’t really that far off," the report adds. Read More

Daily Dashboard, Europe Data Protection Digest

European court rules in favor of singer in long-running privacy case

(Feb 23, 2017) The European Court of Human Rights ruled in favor of singer and television personality Paulina Rubio in a long-running privacy case, according to The Hollywood Reporter. Rubio’s former manager gave interviews to Spanish broadcasters in 2005 about the singer’s sexuality. Rubio sued the television stations, hosts, and her former manager, but her lawsuit was dismissed by a Madrid judge. The European Court of Human Rights ruled differently, stating the actions were a violation of Article 8 of the Eu... Read More

Daily Dashboard, Europe Data Protection Digest, Privacy Bar Section

Help crowdsource mobile privacy risk

(Feb 23, 2017) In collaboration with Kryptowire, the IAPP is building a crowd-sourced risk-scanning tool for mobile applications. The tool will allow privacy professionals to scan the code of an app being created by their organizations to flag potential privacy issues that might need to be mitigated or mentioned in a privacy notice. First, however, we need to assess how much risk privacy professionals perceive in actions taken by mobile applications, from accessing contacts to turning on a microphone. Thus, we... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

IAPP's Hughes on the future of privacy at RSA

(Feb 22, 2017) During last week's RSA Conference in San Francisco, California, IAPP President & CEO J. Trevor Hughes, CIPP, gave a featured presentation on the history and future of privacy. "I want to share with you how central privacy is to the human condition and how important privacy is to those fundamental human rights that we all hold so dear," he said during his opening remarks. In addition to charting out the future of privacy, Hughes uses art as a vehicle because, by doing so, "it opens up your ability to understand the complexity of this issue," he said. Starting with the apple first eaten by Adam and Eve all the way through to the modern tech giant, Apple, and its privacy battle with the FBI, Hughes lays out a nuanced way of understanding the complex and changing notions of privacy in society.  Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

What makes a great DPA?

(Feb 22, 2017) The global population of privacy and data protection regulators is understandably diverse. Some data protection agencies are still in their infancy, established by brand-new laws. Others have robust histories of enforcement and deep, experienced staffs. But what makes a regulatory agency effective? Is it experience, approach, philosophy, the law that creates it? Such are the questions explored in a new report authored by the U.S. Chamber of Commerce and Hunton & Williams, "Seeking Solutions: Attributes of Effective Data Protection Authorities." The 40-page white paper identifies seven key traits that effective DPAs share and offers examples of how those traits play out in the real world.  Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest