ResourceCenter

The Westin Research Center released a new interactive tool to help IAPP members navigate the California Consumer Privacy Act. The “CCPA Genius” maps requirements in the law to specific CCPA provisions, the proposed regulations, expert analysis and guidance regarding compliance, the California Privacy Rights Act ballot initiative, and other resources. Read More

Privacy risks to individuals tend to be neglected due to the emphasis placed on privacy risks to organizations. Considering privacy risks to individuals, however, is critical to effective privacy risk management. Read More

The IAPP released a series of infographics as the California Consumer Privacy Act enforcement begins July 1. The infographics highlight the civil penalties companies can face under the CCPA, and based on a survey conducted in partnership with FairWarning, 50% of IT and privacy professionals have reported one or more data breaches, and 67% has documented at least one privacy incident in the past three years. To view the CCPA Litigation Overview chart, click here. View as PDF   View as PNG ... Read More

The IAPP developed a chart illustrating the differences among the CCPA cases being filed. The "CCPA Litigation Overview" includes the alleged conduct the plaintiff(s) claim violated the CCPA, whether a CCPA count is specifically included in the complaint and the other California statutes raised by plaintiffs. The chart was developed by IAPP Legal Research Fellow Cathy Cosgrove. Click to View (PDF)... Read More

The right to personal data portability arises as a new complementary modality to the right of access to personal data that had its origin in the EU General Data Protection Regulation. Mexico, by enacting the personal data protection regulations in the public sector in January 2017, adopted this figure, creating an asymmetry among the personal data protection regulations held by private parties. Read More

The IAPP and EY launched a research initiative to gain more insight into the unique ways privacy and data protection practices have been affected by the pandemic. The initial phase of the project included a survey of privacy professionals, taking a deeper look at how organizations, in general, and privacy programs, in particular, are handling the privacy and data protection issues that have emerged alongside COVID-19, such as privacy and security issues related to working from home, monitoring the health of employees, and sharing data with governments, researchers and public health authorities. Read More

Privacy professionals around the world took note of the second anniversary of the day the EU General Data Protection Regulation went into effect. To commemorate this occasion, take this 20-question quiz to test your knowledge of the first two years of the GDPR. Read More

This piece focuses on the resources available to each DPA and its progress so far in addressing complaints, both individually and in coordination with other member states. Additionally, it highlights the GDPR's impact on budget and staffing levels in relation to a country's GDP. Results from the questionnaire provide an illustrative snapshot into DPAs’ work “on the ground.” Read More

The EU General Data Protection Regulation is celebrating its second anniversary May 25. For this special project, we asked leading voices in the data protection and privacy community to reflect about the past, present and future of the GDPR. Read More

The newly updated edition of Canadian Privacy: Data Protection Law and Policy for the Practitioner is crucial for anyone responsible for information risk management, information security, information auditing or legal compliance for clients or organizations based in Canada or subject to Canadian jurisdiction. Read More