Browse Topics

Recently Added Resources

Comparing privacy laws: GDPR v. CCPA

DataGuidance and the Future of Privacy Forum have published a comparison guide concerning the EU General Data Protection Regulation and the California Consumer Privacy Act. Points of comparison in this guide between the two pieces of legislation include scope, key definitions, legal basis, rights and enforcement.View Now... Read More

Privacy Risk Study 2018: Privacy law compliance and litigation deemed significant risk factors

The U.S. Securities and Exchange Commission requires most publicly traded companies to annually disclose potential risk factors, including exposure to cybersecurity threats and violations of consumer privacy laws. The IAPP’s third annual study of these disclosures (part of Form 10-K) of 150 publicly traded companies shows that — like last year — effectively 100 percent identified concerns about cyberattacks in their 2017 10-K reports. New this year is a significantly higher concern about risks o... Read More

Measuring Privacy Operations

In this newest piece of an ongoing series of research that has looked at privacy operations and the use of privacy technology, the IAPP and TrustArc here examine the factors, including geographic region, organizational size, and sector, that are correlated with the current state and development of organizations’ response to various operational demands upon their privacy programs. We focused on certain core operational responsibilities required for compliance with most privacy regulations and the... Read More

APEC Privacy Framework

The APEC Framework, published by the Asia-Pacific Economic Cooperation, is a framework to protect privacy within and beyond economies and to enable regional transfers of personal information benefits consumers, businesses, and governments. This framework is used as a basis for the APEC Cross-Border Privacy Rules (CBPR) System.View Now (294 KB)... Read More

DPO Report Template

This slide deck created by the IAPP research team offers a customizable template for a report to organizational leadership to help Data Protection Officers show the activities of the data protection team as well as record compliance with the General Data Protection Regulation. Read More

Draft Agreement on the withdrawal of the United Kingdom of Great Britain and Northern Ireland from the European Union

November 14, 2018, draft proposal on the withdrawal of the United Kingdom and Northern Ireland from the European Union and the European Atomic Energy Community. The proposal wishes to set out the arrangements for the withdrawal, while taking account of the framework for the future relationship between the two countries and the remaining member-states of the European Union.Read Now (1.37 MB)... Read More