Web con: 'Saving Direct Marketing in the Post-Pandemic Economic Recovery'

(Apr 9, 2020) The U.K. Information Commissioner's Office released a Draft Code for Direct Marketing that could alter the advertising ecosystem. The COVID-19 pandemic has resulted in more people buying products online. Pseudonymization under the EU General Data Protection Regulation may be able to help balance direct marketing efforts and protect consumer privacy. Join the IAPP April 30 for this sponsored web conference as Anonos CEO and General Counsel Gary LaFever discusses the benefits of pseudonymization a... Read More

FTC's Smith discusses AI, algorithm usage

(Apr 9, 2020) In an agency blog post, U.S. Federal Trade Commission Bureau of Consumer Protection Director Andrew Smith addresses the utilization of artificial intelligence and algorithms across industries. Smith goes on to outline key considerations when applying AI tools, including appropriate application to the collection of sensitive data. "The FTC’s law enforcement actions, studies, and guidance emphasize that the use of AI tools should be transparent, explainable, fair, and empirically sound, while fost... Read More

Irish DPC releases report on cookies, tracking tech

(Apr 7, 2020) The Irish Data Protection Commission released its report on the use of cookies and other tracking technologies. The report highlights the practices of 38 organizations the DPC asked to participate in the audit, which took place from August to December 2019. "The purpose of the sweep survey was to request information to allow us to examine the deployment of such technologies and to establish how, and whether, organisations are complying with the law," the report states.Full Story ... Read More

Web con: 'The Impact of CCPA and GDPR on Data Management'

(Apr 7, 2020) Requirements for data management under the California Consumer Privacy Act and EU General Data Protection Regulation are changing the way organizations control their data. Join the IAPP April 16 for this web conference to hear privacy professionals discuss what lessons organizations have gleaned from their compliance efforts while working to meet the requirements of these new regulations. Speakers include Dataguise Senior Vice President of Enterprise Privacy Solutions Sagi Leizerov, CIPP/US, Ube... Read More

CNIL publishes page on ISO 27701 standard

(Apr 7, 2020) France's data protection authority, the CNIL, published a page on its website on the ISO 27701 standard. The CNIL breaks down the components of the ISO standard and highlights the agency's contribution to its creation. The agency states the EU General Data Protection Regulation was taken into consideration as the standard was formed. It adds ISO 27701 is not GDPR-specific and should not be used as a GDPR certification mechanism. Full Story... Read More

The Privacy Advisor Podcast: Should we give up our data to help the herd?

(Apr 3, 2020) Telecommunications companies across the world, including in Germany, Brazil and China, have granted their governments access to customers' cellphone data in an effort to help track COVID-19. In the U.S., government officials are consulting with big tech companies and public health professionals on the possibility of doing so, while authorities in the Netherlands have said emergency legislation must be enacted before sharing occur. In this episode of The Privacy Advisor Podcast, Heather Federman,... Read More

COVID-19 privacy updates from France, Netherlands, Poland and more

(Apr 2, 2020) As the COVID-19 pandemic continues, here are the latest stories on how the outbreak has affected privacy: The Dutch data protection authority, Autoriteit Persoonsgegevens, released a statement regarding its position on using location data to track COVID-19, saying emergency legislation must be adopted to do so lawfully. (Original post is in Dutch.) The French data protection authority, the CNIL, issued guidance on telework security measures. (Original post is in French.) Poland's data prote... Read More

Guidance for privacy pros conducting a cloud migration PIA

(Apr 1, 2020) As more and more companies put their data in the cloud, Dataguise Senior Vice President of Enterprise Privacy Solutions Sagi Leizerov, CIPP/US, writes one of the most important privacy impact assessments organizations need to perform "is for the migration of personal information to the cloud environment." In this piece for Privacy Tech, Leizerov offers some guidance for privacy professionals to consider when they conduct their next cloud migration PIA.Full Story... Read More

Guidance for a cloud migration PIA

(Apr 1, 2020) There’s something exciting about migrating data to a new environment. It’s an opportunity to start fresh, like the decluttering and reorganizing we do before we move to a new house. It’s also the time to really think about what personal data we are migrating and how we intend to allow for its processing. Since companies are increasingly making the choice to have their data float above them, one of the most important privacy impact assessments (aka data protection impact assessments under the EU... Read More

Bermuda privacy commissioner explores accountability principle

(Apr 1, 2020) Bermuda Privacy Commissioner Alexander White, CIPP/A, CIPP/C, CIPP/E, CIPP/G, CIPP/US, CIPM, CIPT, FIP, released a report documenting facets of information accountability. White's report explains the establishment of the accountability principle and how it has been deployed globally in regulatory frameworks. White said the report also "provides tangible examples of both 'building block' and ongoing steps to ensure a successful privacy program." Editor's note: White discussed his role in Bermuda ... Read More