Browse Topics

Recently Added Resources

Privacy Engineer Sample Job Description

As the job of privacy moves beyond law, policy, and compliance and into operations and the actualization of information technology, organizations have begun training, hiring, and generally seeking out "privacy engineers" to fill the gap left between policy and implementation. The job title has been around since at least 2001, but there remain few with that title active in the workforce and this year marks the IAPP's launch of a new Privacy Engineering Section to recognize and support the sizable... Read More

Framework for Demonstrable GDPR Compliance

Nymity Research has identified 39 articles under the GDPR that require evidence of a technical or organizational measure to demonstrate compliance and has mapped these to the Nymity Privacy Management Accountability Framework. The result is the identification of 55 “primary” technical and organizational measures that, if implemented, may produce documentation that will help demonstrate ongoing compliance with your GDPR compliance obligations. The document also identifies additional technical and... Read More

Artificial intelligence and privacy

In this report the Norwegian data protection authority elaborates on the legal opinions and the technologies described in the 2014 report Big Data – data protection principles under pressure. In this report, the DPA provides greater technical detail in describing artificial intelligence, while also taking a closer look at four relevant AI challenges associated with the data protection principles embodied in the GDPR: fairness and discrimination; purpose limitation; data minimization; and transpa... Read More

ePrivacy Regulation (March 2018 draft )

The Bulgarian presidency of the European Commission published this working draft of the proposed ePrivacy Regulation, including an annex with changes proposed by the presidency and further clarifications on the link between the ePR and the GDPR. (March 7, 2018)Read Now (PDF 125KB)... Read More

The data protection fee: A guide for controllers

Under the U.K. Data Protection (Charges and Information) Regulations 2018, which will come into effect with the GDPR, certain controllers will be required to pay fees to the Information Commissioner's Office. This guidance published by the ICO offers insight on how to calculate the fee an organization may be required to pay. (This guidance deals with the current form of the regulation, which is still draft. An update is expected upon finalization of the regulation.)Read Now (PDF 222KB)... Read More

Standards for Data Protection for the Ibero-American States

The Ibero-American Data Protection Network approved these standards that constitute a set of guidelines that may contribute to the issuance of regulatory initiatives for the protection of personal data in the Ibero-American region, which encompasses those countries that do not have these regulations yet; or, if it were the case, they may serve as reference for the modernization and updating of existing legislation.Read Now (PDF 945KB)... Read More