European Commission considering 3- to 5-year ban of facial-recognition tech

(Jan 17, 2020) The European Commission may ban facial recognition for three to five years as it figures out how to curb abusive uses of the technology, BBC News reports. In an 18-page document, the commission plans to introduce new rules to enhance existing privacy laws and propose obligations on artificial intelligence users and developers. The document calls for EU countries to create an authority to keep track of those rules. Should the technology be temporarily banned, "a sound methodology for assessing th... Read More

NIST unveils first version of privacy framework

(Jan 17, 2020) The National Institute of Standards and Technology announced the release of the "NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management." Following stakeholder feedback on a draft of the framework, NIST's published framework provides "a useful set of privacy protection strategies" and "clarification about privacy risk management concepts." NIST Director Walter Copan said, "Privacy is more important than ever in today’s digital age. The strong support the Privacy ... Read More

Irish DPC releases guidance on body cam use

(Jan 16, 2020) The Irish Data Protection Commission has released guidance on the use of body cameras. The guidance has been created to help body camera users determine whether they are a data controller and must meet the requirements of the EU General Data Protection Regulation. The document also lists out the obligations data controllers must adhere to and steps users can take to ensure the technology is in compliance with data protection law. The agency also mentions body camera use for law enforcement purpo... Read More

Web con: 'The History of US Adtech and Online Self-Regulation'

(Jan 16, 2020) The early days of the internet saw digital advertising take hold and power content-driven sites. Self-regulatory programs eventually supported advertising technology by putting rules in place to govern user privacy, notice and choice. Since then, technology has evolved, and consumers have become increasingly aware of how personal data flows. Listen to the first of this three-part series from the IAPP exploring the intersection of privacy and the online advertising industry as a panel of industry... Read More

Web con: 'To Notify or Not to Notify? That Is the Question'

(Jan 14, 2020) Privacy professionals must navigate data breach notification regulations around the world, and their organizations risk significant reputational and financial damages for noncompliance. To meet these requirements, privacy professionals must find new ways to approach their incident response operations. Join the IAPP Jan. 30 for this sponsored web conference to learn the key steps involved to streamline the incident response process and the best practices to comply with global data breach notifica... Read More

CNIL launches consultation for draft recommendations on cookies

(Jan 14, 2020) France's data protection authority, the CNIL, has launched a consultation for its draft recommendations on the use of cookies. The CNIL conducted a separate consultation last fall to develop the recommendations, which would propose operational procedures to obtain consent. The current consultation is open for six weeks and is scheduled to end Feb. 25. The CNIL plans to create a new version of the draft recommendations and present it to the agency's members in a plenary session for final adoption... Read More

POPIA to bring more responsibility, accountability for South African CEOs

(Jan 13, 2020) ITWeb reports South Africa's Protection of Personal Information Act is expected to take force early in 2020 and add responsibilities for CEOs. Micro Focus Channel and Alliances Executive Gareth de Laporte said many South African businesses "don’t even have record management in place," leaving CEOs accountable for noncompliance after POPIA's one-year grace period. "The regulator will need to react immediately once (POPIA) comes into force. Failure to comply can attract a fine of up to R10 million... Read More

Web con: 'What to Do When Consent Doesn’t Work under CCPA'

(Jan 10, 2020) In addition to other benefits, the California Consumer Privacy Act enhances privacy for individuals when data uses cannot be adequately served using consent alone. The CCPA provides incentives for companies to implement safeguards that reduce data privacy risk from even occurring in the first place. Under the CCPA, this can be accomplished by leveraging new technically enforced, risk-based deidentification controls. Join the IAPP Jan. 16 for this sponsored web conference to learn about the benef... Read More

The IAPP's top-5 most-read stories since Jan. 6, 2020

(Jan 10, 2020) We know, there's lots of privacy news, guidance and documentation to keep up with every day. And we also know, you're busy doing all the things required of the modern privacy professional. Sure, we distill the latest news and relevant content down in the Daily Dashboard and our weekly regional digests, but sometimes that's even too much. To help, we offer our top-five most-read stories for the week of Jan. 6.Full Story... Read More

Top-5 most-read stories for the week of Jan. 6, 2020

(Jan 10, 2020) We know, there's lots of privacy news, guidance and documentation to keep up with every day. And we also know, you're busy doing all the things required of the modern privacy professional. Sure, we distill the latest news and relevant content down in the Daily Dashboard and our weekly regional digests, but sometimes, that's even too much. To help, we offer our top-five most-read stories of the week. The Privacy Advisor: "EU Parliament debates: Could California be considered 'adequate' on its ... Read More