TR_DPA_Confidence Matters_Woman_v2_S063545_gif_728x90_ros_020718




The op-ed page for the privacy industry.

Brexit and data protection: Laying the odds

Eduardo Ustaran, CIPP/E
Among other things, 2018 will go down in history as the year of panics over data protection. First, it was the GDPR and its impossible deadline for compliance. Now it is Brexit and the uncertainty as to what it will mean. The famous phrase "Brexit means Brexit" is as cryptic today as it was two year...
Why we must remember where informed consent comes from
Lucia Savage
In an excellent IAPP podcast interview by Angelique Carson, CIPP/US, Woody Hartzog makes the compelling point that informed consent was originally developed for rare, high-risk and potentially life-threatening situations, like surgery and medical research. Hartzog argues that the process of informed...
Do we need the CaCPA whistleblower provision back?
Lydia de la Torre, CIPP/US
The California Consumer Privacy Act of 2018 followed an unorthodox path to approval. It started as a ballot proposal set to be voted on during the November 2018 cycle. During the last two weeks of July 2018, in a flurry of activity, a deal was struck between the ballot proponents and Sacramento to p...
Data breach notifications may facilitate identity theft
Kelce Wilson, CIPP/US, CIPP/E, CIPM
It is a serious claim that data breach notification letters may facilitate identity theft. Rather than make an argument for that position, an explanation of how to accomplish identity theft using a data breach notification letter will be provided here and publicized elsewhere. When malicious actors ...
The long and difficult road to a US privacy law: Part 3
Robert Gellman
This is the third and last in a series about the road to a general-purpose U.S. data protection law and the pitfalls on that road. The focus here is on areas of agreement between business and consumers. There are, in fact, some areas where the interests of both camps overlap. Before moving there, w...
Obtaining adequacy standing for Colombia
Luis Alberto Montezuma, CIPP/C, CIPP/E, CIPP/US, CIPM, FIP
Many countries aspire to an adequacy decision from the European Commission. However, only a handful of countries have achieved that goal. In order to obtain an adequacy decision, a country needs to evaluate whether its data protection framework meets the new EU standards rather than focus on the no...