The op-ed page for the privacy industry.

Brexit – A data protection action plan

Eduardo Ustaran, CIPP/E
"There is cliff, whose high and bending head looks fearfully in the confined deep. Bring me to the very brim of it" says the blinded Earl of Gloucester in Shakespeare's King Lear, thinking that he is at the edge of the famous white cliffs of Dover. Right now, the whole of the U.K. appears to be on ...
Brazil’s DPA has arrived: Is it a blessing or curse in disguise?
As the curtains close on his mandate, Brazil’s President Michel Temer enacted a provisional measure — similar to an executive order in the U.S. — that was published in the Official Gazette Dec. 28, 2018, creating the Brazilian Data Protection Authority (Autoridade Nacional de Proteção de Dados or AN...
Why privacy-risk analysis must not be harm-focused
R. Jason Cronk, CIPM, CIPP/US
Much of my work around privacy by design involves disabusing lawyers of preconceptions of privacy “harms.” For the better part of the last century, the jurisprudential focus in the U.S. has been on cognizable harms, or damages, resulting from statutory or common law privacy invasions. Courts almost...
A plea to keep surveillance out of the holidays
Ryan Chiavetta, CIPP/US
You better watch out. You better not cry.You better not pout I’m telling you why.Santa Claus sees all that you do.But it was alright, everything was alright, Christmas was finished. He had won a spot on the Nice List. He loved Kris Kringle. Another holiday season is almost in the books, and it seem...
Top 10 Privacy Perspectives of 2018
Jedidiah Bracy, CIPP/E, CIPP/US
We all knew 2018 was going to be a busy year, but it's fair to say that, somehow, it was even crazier than most of us expected. Of course, 2018 is the year of the EU General Data Protection Regulation. May 25 was the big day. And like Y2K, the world didn't end May 26. For those of us on the IAPP pu...
Tracking GDPR derogations and implementations
Emily Leach, CIPP/E, CIPP/US
Today the IAPP releases a new tool that has been months in the making. The "EU Member State GDPR Derogation Implementation Tracker" looks at specific provisions in the EU General Data Protection Regulation whereby member states are required to, or may, create rules specific to that country — commonl...
Can FTC consent orders effectively police privacy?
Joseph Jerome, CIPP/US
When The New York Times recently reported that Facebook “failed to police how its partners handled user data,” it seemed like just another in a series of bad privacy headlines in 2018. But the report also noted that the problem was uncovered and dismissed during an assessment pursuant to Facebook’s ...