Certain content in the IAPP Resource Center is member-only. Not a member? Join now.


Featured Resources

Tools and Trackers

The IAPP develops, maintains and houses a variety of tools to help members keep up with the rapid developments in privacy and their impact on business and the profession, from global privacy legislation comparisons to enforcement trackers to directories and glossaries.

CCPA and CPRA GeniusGDPR GeniusUS State Law TrackerView All Tools and Trackers


Featured Resource Categories

The IAPP publishes original content on topics that are top of mind for those working in or closely following privacy today. Our expert guidance comes in a variety of formats, including white papers, reports, surveys, infographics, web conferences, podcasts and videos.

Reports and Surveys • White PapersWeb ConferencesVideosInfographicsPodcasts


Featured Topics

Privacy by Region

Browse Topics

Recently Added Resources

State Data Breach Notification Chart

U.S. data breach notification laws vary across all 50 states and U.S. territories. Each law must be applied to every factual scenario to determine if a notification requirement is triggered. To assist practitioners, the IAPP created a chart containing information from each state or territory’s data breach notification law concerning entities that own, control or process personal data. Read More

Web Conference: Influencing Privacy as a Priority: A Regulator’s Perspective

Original broadcast date: May 4, 2021  The roles and focus of regulators may vary between compliance, privacy culture, and privacy awareness. Through their Offices, these regulators may be involved in law reform, collaborative efforts, community outreach, awareness campaigns and other initiatives that elevate how businesses and the public sector view privacy. This session features a collaborative of Privacy Commissioners from across the APAC region in celebration of Australia’s Privacy Awareness Week 2021. Our speakers will share how they are working as regulators and advocates of ‘privacy best practice’ to make privacy a priority. Read More

Comparison of Comprehensive Data Privacy Laws in Virginia and California

The IAPP created a chart comparing the comprehensive data privacy laws in Virginia and California. It provides an overview of each law’s requirements, highlighting their similarities and differences, as businesses look ahead to a January 2023 operative date for Virginia’s Consumer Data Protection Act and the majority of the provisions in the California Privacy Rights Act. Read More

Web Conference: Finding Sweet Spots for Successful Compromise on a Federal Privacy Law

Original broadcast date: May 3, 2021  In 2020, U.S. Republicans and Democrats failed to reach a consensus on a slew of privacy-related bills. This year offers a better opportunity to bridge disagreements and reach a long-awaited deal. This panel includes representatives of two key constituencies working seriously toward consensus. Learn from them what the prospects for legislation are in this Congress, promising areas where disagreements may be bridged, where a final bill is likely to land, and how your California Consumer Privacy Act– and EU General Data Protection Regulation–compliant programs are likely to change as a result of federal privacy legislation. Read More

Web Conference: Bending the Rules: Pragmatic Privacy in Pandemics and the Unexpected

Original broadcast date: April 30, 2021  Privacy rulemaking is often...wait - what just happened!? The last year has stretched many privacy team’s capacity to understand and address the impact of changes while managing their day jobs. If your privacy program governance is too rigid, in a crisis you may just ignore it in the interests of speed. How can you be pragmatic without losing sight of your principles? Read More

How to Provide DPO Contact Information to Your DPA

Last Updated: April 30, 2021 Article 37(7) of the EU General Data Protection Regulation requires that “the controller or the processor shall publish the contact details of the data protection officer and communicate them to the supervisory authority.” But how does one go about communicating this information to relevant authority? Is there a formal process, or can companies simply send an email with a DPO’s name, phone number and email address? As it turns out, different jurisdictions have set... Read More

Web Conference: Adapting GDPR/CCPA Data Rights Processes for CPRA, CDPA, ABCD, WXYZ and Beyond

Original broadcast date: April 29, 2021  New rules for how businesses must receive, process and respond to data subject rights requests are emerging at rapid rates. While some businesses already have rights response processes in place pursuant to existing data protection regulations, others will need to satisfy these obligations for the first time as more jurisdictions impose these requirements. Where processes are already in place, businesses need to be aware of emerging nuances that affect their compliance posture. Read More

California Privacy Rights Act

The CPRA amends the California Consumer Privacy Act and includes additional privacy protections for consumers. It also creates an enforcement agency, the California Privacy Protection Agency. The majority of the CPRA’s provisions will enter into force Jan. 1, 2023, with a look-back to January 2022. The CPRA passed as a ballot initiative in Nov. 2020. CCPA and CPRA Topic PageThis topic page contains a curation of the IAPP’s coverage, analysis and relevant resources covering the California Cons... Read More

Web Conference: Life After Third-Party Cookies: What’s Next & Why You Still Need a Cookie Banner

Original broadcast date: April 28, 2021  This web conference gives viewers an understanding of the industry’s concern about entering a world without third-party cookies, why organizations will still need a cookie banner or CMP, and how they can pivot their strategy to continue to understand their audience, deliver personalization and future-proof revenue for the next generation of the advertising technology ecosystem​. Read More

Web Conference: The State of Privacy: State Attorney General Enforcement Updates

Original broadcast date: April 27, 2021  This panel engages with attorneys from the offices of the Washington, D.C., Illinois and Massachusetts Attorneys General who are responsible for overseeing their office's privacy and data security enforcement actions. Through a moderated discussion, they delve into topics including the enforcement priorities of their respective administrations, new or pending state legislation, including the Biometric Information Privacy Act (BIPA), and their perspectives on the ever-evolving consumer privacy landscape. There is also a Q&A session at the end. Read More