ACI_Q2_Ads_disaster-728x90
ACI_Q2_Ads_battletested-728x90
BNA_15349_Privacy_Law_Asia_wp_ad_680x75_Ldbd
PPS15-DC_Web_300x250_CareerCentral_FINAL
DPC15_300x250_ads_FINAL

(Aug 31, 2015) It doesn’t take more than about 15 minutes of being here at the IAPP to realize we have a (somewhat un)healthy obsession with George Orwell’s Nineteen Eighty-Four (1984). Throughout our offices, you’ll see a vintage movie poster featuring John Hurt and Suzanna Hamilton locked in anguished embrace under the glaring eyes of Bob Flag (Big Brother). “BIG BROTHER IS WATCHING YOU” greets you at the bottom of a stairwell. A four-foot tall big brother head surveills the marketing, sales and training tea... Read More

Privacy Perspectives

Wright Will Be Missed at the FTC

(Aug 28, 2015) This week, Commissioner Joshua D. Wright left the Federal Trade Commission (FTC) to return to his faculty position at George Mason University. Wright was one of two Republican commissioners and, in his almost three-year tenure at the Commission, Wright focused mostly on the FTC’s antitrust responsibilities. That being the case, should the privacy community care about Wright’s departure? I think so. Many privacy advocates have criticized what they see as Commissioner Wright’s overly empirical, ... Read More

Privacy Perspectives

Open Season on Service Providers? The General Data Protection Regulation Cometh…

(Aug 25, 2015) Service providers, be afraid. Be very afraid. Especially (but not only) if you're an IaaS/PaaS cloud provider. Data controllers, be prepared. Your service providers (if well-advised) will want to negotiate or renegotiate your contracts. Why? The General Data Protection Regulation (GDPR). This would make service providers and other data processors directly liable, across the European Economic Area (EEA), for security and certain other data protection-related matters. The EU institutions, each w... Read More

Privacy Perspectives

Wyndham: Easy Cases Make Good Law

(Aug 25, 2015) As Justice Oliver Wendell Holmes once wrote, hard cases make bad law; the corollary, perhaps, is that easy cases make good law. That was certainly true in Wyndham Hotels v. Federal Trade Commission (FTC), which pitted the hotel chain, whose allegedly appalling data security practices led to persistent leaks of customer information, against the federal trade regulator. On Monday, the U.S. Court of Appeals for the Third Circuit dealt the FTC a resounding legal victory—and Wyndham a stinging defeat... Read More

Privacy Perspectives

The Ashley Madison Leak and Why We Shouldn't Buy Into It

(Aug 19, 2015) “I’m sure there are millions of Ashley Madison users who wish it weren’t so, but there is every indication this dump is the real deal.” Brian Krebs Living up to their threats from last month, it now appears the Impact Team, the hacking group behind the intrusion of infamous infidelity website Ashley Madison (AM), has leaked the full database of the site's users online. The data dump weighs in at an impressive 9.7 gigabytes of compressed data that includes account details for approximately 32 mi... Read More

Privacy Perspectives

PII as Political Might

(Aug 7, 2015) A record number of American voters watched the first two Republican presidential debates this week. And while it's hard for anything of substance to come through with so many voices jockeying for attention, there is one thing that is clear: Data is at the center of this election.  National politics in the United States is a data-driven game nowadays, and many believe that the best big data analyst will win.  Just look at the battle over voter lists that has emerged between the Republican Natio... Read More

Privacy Perspectives

Are BCR for Processors Still Under Discussion in the Trilogue or Not?

(Aug 6, 2015) Promptly after the European Council version of the proposed General Data Protection Regulation (GDPR) was adopted, the Article 29 Working Party (WP29) published its overview of outstanding topics, indicating that it is “concerned about the deletion of the possibility of BCR for Processor (BCR-P) and considers it essential to re-insert them.” The companies that have already introduced BCR-P, or are in the authorization process, were alarmed. Are BCR-P still uncertain? Did the Council delete the ... Read More

Privacy Perspectives

Building Economies With Privacy in Mind

(Aug 4, 2015) When looking at developing economies, it’s tempting to pump the breaks on privacy protections. Look at how all this data can help drive innovation, the logic goes. Let’s worry about privacy once we’ve got things up and running. That’s short-sighted logic, however, and feeds off a couple of pervasive fallacies that are worth debunking. First, there is this idea that third-world countries don’t have technology to speak of, so why worry about privacy and data protection. Nothing could be further ... Read More

Privacy Perspectives

For Privacy Officers: Getting to Accountability with Limited Resources

(Jul 29, 2015) Many privacy and data protection regulators around the world, including regulators in Canada, France, Australia, Hong Kong and Colombia, have written guideline papers about accountability that promote the building of a privacy-management program. These guideline papers provide the building blocks for a privacy program but do not address how to resource the building and maintain a privacy-management program. Privacy offices grapple with the challenge of finding enough resources to allocate for p... Read More

Privacy Perspectives

Dr. Halamka, or How I Learned To Stop Worrying and Publish My Medical Records

(Jul 21, 2015) Of all the personal data people guard most closely, personal medical records are near the top. Along with financial information, personal health records are data sets that have the potential to make us the most vulnerable in society. So it’s no surprise that, in the U.S., there are very specific and rigid laws that protect such data. Of course, HIPAA is perhaps the most commonly known U.S.-based law related to privacy, even though the "P" is for "Portability" and not "Privacy." The law has com... Read More

Privacy Perspectives