ResourceCenter

In August 2019, the International Standards Organization released its first global privacy standard, ISO/IEC 22701. To offer insight into the professional skill set necessary to implement this new global privacy standard, the International Association of Privacy Professionals’ Westin Research Center mapped ISO/IEC 27701 to the bodies of knowledge for a Certified Information Privacy Professional/Europe and a Certified Information Privacy Manager. Read More

In this fourth part in a series of white papers for technology pros, we’ll explore the organic chemistry of computer science, specifically data structures. Read More

To help businesses operationalize CCPA’s requirements, we present here five concrete action items privacy professionals can tackle, as well as the considerations that underpin each step. We discuss how to determine whether and how CCPA applies to your business, necessary updates to vendor contracts and privacy notices, areas of focus to enable consumer requests, and organizational training needs. In each regard, we outline core requirements and point to additional resources for a deeper dive. Read More

(October 2019) – In this third installment in a series of white papers, we’ll introduce some of the common terms used when describing cloud applications and discuss some basic principles of software architecture, the abstract organization of software that are integral to a functional and secure cloud solution. Read More

The presidency of the Council of the EU, Oct. 4, 2019, published a revised draft of the proposed ePrivacy Regulation. Click To View (PDF) ... Read More

An overview of the technology sector’s public expressions of privacy initiatives and values. Privacy is top-of-mind for technology companies and their consumers. Since Facebook’s data-sharing practices came under scrutiny following reporting on Cambridge Analytica, consumers and legislators have sharpened their interest in big tech’s use of data. In response, many companies continue to review, refine, and clarify their data practices for the benefit of consumers. Some of that clarification come... Read More

Now in its fifth year, the IAPP-EY Privacy Governance Report has evolved over time, along with the privacy profession itself. This year, almost as many of the 370 respondents to the survey hailed from the European Union as from the United States. This reflects the growth of the privacy and data protection profession in the EU in reaction to the GDPR. The GDPR has driven growth in privacy-pro ranks in the U.S., as well. Read More

In this research project, the first of its kind, the IAPP set out to better understand how privacy is taught at American Bar Association–accredited U.S. law schools. We have tiered schools according to their curriculum offerings in privacy law. For purposes of this project, we defined “privacy law” narrowly, excluding more general courses in cybersecurity or law and technology, and focusing strictly on courses in privacy, information privacy or a close equivalent. Read More

Prudence the Privacy Pro is back, with "Compliance Requirements". Open as PDF  Open as JPG  ... Read More

For the second time this year, the IAPP, with support from OneTrust, has asked privacy pros how ready their organizations are for the looming California Consumer Privacy Act. To monitor how levels of CCPA preparedness are changing over time, we fielded this second survey from July to August 2019. What’s new? Well, perhaps unsurprisingly, there has been a marked improvement since the first quarter of 2019, but significant work remains, as only 2% of organizations report that they are currently in... Read More