Mortensen: On tackling multiple data demands

(Jul 19, 2018) In a column for Global Banking & Finance Review, InterSystems Data Protection Officer of Global Trust & Privacy Ken Mortensen, CIPP/G, CIPP/US, CIPM, discusses the evolving role of the chief data officer over the years. He notes, with increased use of digital technology, "the role of the CDO has shifted from being about meeting operational requirements to performing the difficult balancing act between ensuring compliance and helping deliver the organisation's strategic goals." Crucially,... Read More

Positive-Sum is Paramount: Achieving Public Safety and Privacy

(Jul 18, 2018) In this paper, the Office of the Information and Privacy Commissioner of Ontario, Canada, shares its approach to applying Privacy by Design, including the application of PbD to surveillance programs and the use of associated technologies. The hallmarks of this approach include an emphasis on communication, understanding divergent points of view, and a focus on protecting, preserving and enhancing individuals’ privacy.View PDF (429 KB)... Read More

Data and Information Classification and Protection Policy

(Jul 18, 2018) This policy created by Carleton University outlines the requirements for the classification and protection of information assets. The policy establishes a framework for classifying and appropriately handling the use of data and information based on its level of sensitivity and value to the organization. (January 2018)View PDF (240 KB)... Read More

Uber names first-ever CPO, DPO

(Jul 18, 2018) When current Uber CEO Dara Khosrowshahi came on board a year ago, replacing founding CEO Travis Kalanick, the ride-sharing company saw privacy as a shared responsibility across teams versus concentrated within a centralized office, reports Angelique Carson, CIPP/US. Now, however, the company has "grown its privacy function to such an extent that the natural progression was to bring in experienced leadership at the global level." Thus, the company Wednesday named two new significant hires: a chie... Read More

How free VPNs are violating privacy

(Jul 18, 2018) According to data from Freedom House’s 2017 Freedom on the Net report, which is based on an assessment of the status of internet freedom in 65 countries, internet censorship is on the rise, and there has been an overall decline in global internet freedom for seven consecutive years now. While we generally tend to imagine censorship to be more pronounced in third-world countries, a growing body of research is pointing to increasing censorship in developed regions like the European Union. Where it... Read More

Web con: 'Three Trends Shaping Corporate Investigations'

(Jul 18, 2018) As advancements in technology, complex accounting practices, and global reach have changed the landscape for corporate fraud, so too has the response from investigators. To learn how professionals are responding to advancements in corporate fraud, the IAPP will be hosting an interactive web conference Thursday, July 26 to hear from those working in digital forensics, forensic accounting, and fraud investigations. Panelists Gibson Dunn Partner Daniel Chung, FTI Consulting Senior Managing Director... Read More

Web Conference: Understanding the California Consumer Privacy Act of 2018

(Jul 18, 2018) Purchase Now  (Free for IAPP members!) Originally broadcast: Tuesday, July 10, 2018 What exactly does the law call for? How is a “California resident” defined, and which organizations will be affected? What are the penalties for non-compliance, and does it provide for a private right of action? Join us for a virtual discussion featuring some of the best privacy law experts on the West Coast, and learn the answers to these questions and more while getting the chance to ask your own. You’ll hea... Read More

New white paper: Applying the positive-sum PbD principle

(Jul 17, 2018) The principles of privacy by design have been incorporated in data protection laws and frameworks across the globe, but applying them to everyday operations can sometimes be elusive. One of the seven PbD principles, "full functionality — positive-sum, not zero-sum," focuses on satisfying all legitimate objectives in an organization, not just those related to privacy. In this new IAPP white paper, "Applying the Positive-Sum Principle for Successful Privacy by Design Outcomes," Dan Goldstein, CIPP... Read More

When should a DPO terminate their contract?

(Jul 17, 2018) “There are different reasons that a [data protection officer] would choose to exit their services contract with a controller or processor. Many are similar to the reasons that any party would terminate an agreement, that is, due to the anticipated or actual breach of the agreement by the other party or when performance becomes impossible,” writes Thomas Shaw, CIPP/E, CIPP/US, in this article for The Privacy Advisor. Here, he discusses the types of circumstances that would lead a DPO to decide it... Read More

BBB discusses 'GDPR-style' consent

(Jul 17, 2018) The Better Business Bureau has published a post — one in a series — addressing consent under the EU General Data Protection Regulation. The series is "directed to U.S. companies seeking to align their privacy practices with the GDPR," the BBB states. The post lays out the main aspects of "GDPR-style consent" and notes that "it is important to understand what it looks like as you design and assess internal privacy processes." Additionally, the BBB also points out when an organization needs consen... Read More