Resource Center / Resource Articles
IAPP Resource Articles
TOPIC PAGE
This page hosts a collection of resource articles and article series published by the IAPP.
IAPP Resource Articles
This resource article series covers U.S. data privacy litigation trends in recent years.
Read More
Global Legislative Predictions 2025
In this annual release, the IAPP gathers insights from privacy pros around the globe, providing an on-the-ground look and predictions for the year ahead.
Read More
Top 10 operational impacts of the EU AI Act
This series provides walkthrough of the most important components of the EU AI Act.
Read More
Top 10 operational impacts of India’s DPDPA
This article series provides a walkthrough of the most important components of India’s Digital Personal Data Protection Act.
Read More
Global AI Governance Law and Policy: Jurisdiction Overviews
This article analyzes the laws, policies, and broader contextual history and developments relevant to AI governance in five jurisdictions: Singapore, Canada, the U.K., the U.S. and the EU.
Read More
Consumer Perspectives of Privacy and AI
This resource analyzes how consumer perspectives of AI are shaped by the way emerging technologies affect their privacy.
Read More
Additional Resource Articles
US Data Privacy Litigation: Litigating accountability through shareholder action
US Data Privacy Litigation: Data brokers and judicial privacy litigation
US Data Privacy Litigation: Biometrics and consumer health data litigation
US Data Privacy Litigation: Security breach litigation
US Data Privacy Litigation: Website tracking litigation
US Data Privacy Litigation: Breach of contract and warranties litigation
Private Rights of Action in US Privacy Legislation
FTC enforcement trends: From straightforward actions to technical allegations
Implementing kids’ privacy protections around the world
US federal AI governance: Laws, policies and strategies
UK data reform: What’s proposed
Top 10 operational impacts of the EU AI Act – Leveraging GDPR compliance
Top 10 operational impacts of the EU AI Act – AI Assurance across the risk categories
Top 10 operational impacts of the EU AI Act – Governance: EU and national stakeholders
Top 10 operational impacts of the EU AI Act – Obligations for general-purpose AI models
Top 10 operational impacts of the EU AI Act – Obligations on nonproviders of high-risk AI systems
Top 10 operational impacts of the EU AI Act – Obligations on providers of high-risk AI systems
Top 10 operational impacts of the EU AI Act – Understanding and assessing risk
Top 10 operational impacts of the EU AI Act – Subject matter, definitions, key actors and scope
Connected Cars: The legislative environment, potential reform and privacy issues
Implications of the AI executive order for business
Global AI Governance Law and Policy: Canada
Global AI Governance Law and Policy: EU
Global AI Governance Law and Policy: US
Global AI Governance Law and Policy: UK
Global AI Governance Law and Policy: Singapore
Top 10 operational impacts of India’s DPDPA – Data breaches
Top 10 operational impacts of India’s DPDPA – Data protection impact assessments
Top 10 operational impacts of India’s DPDPA – Data audits for significant fiduciaries
Top 10 operational impacts of India’s DPDPA – Consent management
Top 10 operational impacts of India’s DPDPA – Cross-border data transfers
Top 10 operational impacts of India’s DPDPA – Enforcement and the Data Protection Board
Top 10 operational impacts of India’s DPDPA – Obligations of data processing entities
Top 10 operational impacts of India’s DPDPA – Individual rights
Top 10 operational impacts of India’s DPDPA – Scope, key definitions and lawful data processing
EU elections explainer: Heading into the next term, reading the smoke signals
EU elections explainer: 2024, a transition year into EU leadership overhaul
The Kids Are All Rights: The Conflict between Free Speech and Youth Privacy Laws
The half-baked future of cookies and other tracking technologies
A practical comparison of the EU, China and ASEAN standard contractual clauses
Washington’s My Health, My Data Act
Going back to basics for the EDPB’s year of the DPO
Standardization landscape for privacy
Practical considerations from EU enforcement: One-stop shop
Practical considerations from EU enforcement: legal bases and transparency
State Attorneys General on privacy, cybersecurity, enforcement and legislation
Top 5 Operational Impacts of China’s PIPL
Top 10 operational impacts of the CPRA
Top 5 operational impacts of Brazil’s LGPD
Guidance notes for responding to ‘Schrems II’
How to Build a Culture of Privacy
Top 5 Operational Impacts of the California Consumer Privacy Act
Guidelines on White-Box Development
Guide to the Gramm–Leach–Bliley Act
Top 10 operational responses to the GDPR
On Monetizing Personal Information
Benchmarking your Privacy Incident Management Program
The General Data Protection Regulation Matchup Series
How to Shop Smart for Cyberinsurance
Building a Program that Provides Value
For a Successful Privacy Program, Use these Three A’s
How the C-Suite Should Talk About Cybersecurity
Starting Up Privacy at a Startup
A brief history of the General Data Protection Regulation (1981-2016)
Monitoring Your Privacy Program
Third-Party Vendor Management Means Managing Your Own Risk
Ten Steps to a Quality Privacy Program
What Place Do Search Engines Have Between Personal Data Law and Freedom of Speech?
The changing meaning of “personal data”