ResourceCenter

This year’s issue of the IAPP’s Global Legislative Predictions is the largest to date since the IAPP began tracking predictions in 2017. Health data has been a center of attention in data privacy laws, another consequence of the COVID-19 pandemic. With the passage of China’s Personal Information Protection Law and potential passage of India’s Data Protection Bill, an additional one-third of the world’s population will be regulated by a data privacy law. While many countries agree data privacy is an important issue to regulate, some countries are seeing the greatest obstacle resides in how best to regulate it. Read More

Privacy is growing! Do you have the budget and resources needed to support this growth? To help support your strategy, this infographic provides an overview of the findings of the IAPP-EY Annual Privacy Governance Report 2021, with a focus on budget and staffing. Read More

This set of training modules from Center for Democracy and Technology provides guidance to state and local practitioners to ensure student privacy concerns are addressed. Read More

After the California Consumer Privacy Act passed in 2018, multiple states proposed similar legislation to protect consumers in their states. The IAPP Westin Research Center tracks proposed comprehensive state privacy bills from across the country to aid our members' efforts to stay abreast of the changing state-privacy landscape. Read More

This article from Privacy Affairs serves as an in-depth guide on how consumers can encrypt their internet connection. Read More

This article, published by Termageddon, outlines how personally identifiable information is defined in different privacy laws. Read More

Actions and statements by the U.S. Federal Trade Commission this year have made it clear the commission intends to use its rulemaking authority under Section 18 of the FTC Act, 15 U.S.C. §57a, to formulate rules prohibiting unfair or deceptive acts or practices. This infographic outlines the key rulemaking steps. Read More

Increasingly, privacy and data protection laws around the world require organizations to designate a data protection officer to translate legal protections into practical reality. This chart catalogues those requirements but does not include the many additional instances in which a DPO is recommended but not required. Read More

The US SEC requires most publicly traded companies to annually disclose in their Form 10-K submissions potential risk factors to investors. The IAPP studies these disclosures to assess not just whether companies have been disclosing personal data processing practices and privacy regulations as a risk, but also increasingly what business harms the organizations faced for getting privacy wrong. Read More

The U.K. government unveiled its National Data Strategy. The strategy includes plans to create 500 data analyst jobs and launch a 2.6 million GBP project “to improve systems for detecting and addressing online harms.” Read More