As budget season approaches, it's no time to become complacent

(Sep 25, 2018) Privacy professionals have been exceptionally busy over the last two years. In the weeks leading up to May 25, 2018, General Data Protection Regulation activity reached a crescendo as officials, businesses and their adv isers prepared to go live. Many champagne corks were popped on that momentous day, but how did things look on May 26? As the Privacy Advisor reported in a GDPR day podcast, some privacy pros opted to take a well-earned vacation, while others considered what might happen over the... Read More

Why benchmark data? To arm yourself with valuable data

(Sep 25, 2018) This article is part of an ongoing series on privacy program metrics and benchmarking for incident response management, brought to you by Radar, Inc., a provider of purpose-built decision support software designed to help privacy professionals perform consistent incident risk assessments and ensure timely notification, with real-time access to incident management reports and metrics. Find earlier installments of this series here. “Why benchmark?” is a question we have revisited many times over ... Read More

Ankura acquires Navigant team to bolster privacy offerings

(Sep 25, 2018) On Aug. 24, Ankura Consulting Group completed its acquisition of the privacy team housed within the Disputes, Forensics and Legal Technology segment of Navigant, a firm specializing in advisory, consulting and outsourcing services. The announcement concluded a month's-long process between the two organizations, giving Ankura the opportunity to use the Navigant privacy team to bolster its presence worldwide to more than 30 offices globally, manned by 1,400 professionals and allowing the consultin... Read More

The perils of employee-collaboration tools and how to avoid them

(Sep 25, 2018) The workforce of today in America looks very different from the one that existed even 20 years ago. Perhaps not gone, but certainly altered, is the image of the harried office worker stuck in traffic, delayed by weather or family concerns, and otherwise desperate to be present in their office between 9 a.m. and 5 p.m. Today, the rise of flexible work schedules, job shares and teleworking, has created much desired flexibility for many workers. In released statistics from a few years ago, more tha... Read More

A starting point for CaCPA compliance, despite the unknowns

(Sep 25, 2018) Implementing the California Consumer Privacy Act of 2018 will take time, and organizations should start evaluating exposure and designing compliance plans now. There are many open questions, but that does not mean you can’t conduct an initial assessment that enables you to start planning for the resources you will need during 2019. This article outlines a pragmatic four-step approach to how to assess your exposure to CaCPA by identifying what entities in your group will be subject to the act (th... Read More

CNIL looks at GDPR four months later

(Sep 25, 2018) France’s data protection authority, the CNIL, looks at the effect of the EU General Data Protection Regulation four months after its implementation date. The CNIL states 24,500 organizations have appointed a data protection officer since May 25, up from 13,000 prior to the deadline. The DPA has received more than 600 data breach notifications since the beginning of the GDPR and 3,767 complaints since the start of the year, up 64 percent from the same period in 2017. The CNIL also outlines some o... Read More

6.42M users affected in SHEIN data breach

(Sep 25, 2018) Online fashion retailer SHEIN revealed it was hit by a data breach in June that affected 6.42 million customers, ZDNet reports. The company posted on its website hackers performed "a sophisticated criminal cyberattack on its computer network" compromising users’ email addresses and encrypted passwords. "We have seen no evidence that your credit card information was taken from our systems and SHEIN typically does not store credit card information on its systems," the company said in its statement... Read More

UN accidentally published sensitive information

(Sep 25, 2018) A security researcher discovered the United Nations accidentally published sensitive information to several different outlets, The Intercept reports. Kushagra Pathak found the data on the project management service Trello, issue-tracking app Jira, and Google Docs. The information was available to anyone who had the correct URL and included passwords, internal documents, and details about websites. Pathak first notified the U.N. about the leaked information Aug. 20 and, after a back-and-forth cor... Read More

Google faces privacy concerns over Chrome update

(Sep 25, 2018) The Verge reports Google is facing criticisms over a feature in the latest version of its Chrome browser. Whenever a user logs in to a Google service, such as Gmail or YouTube, using Chrome 69, they will be automatically logged in to the browser, as well. Critics of the change said the move will result in more users inadvertently sharing their information with the tech company. Chrome Engineer and Manager Adrienne Porter Felt said on Twitter a user will not be automatically sharing data with Goo... Read More

Prudence the Privacy Pro Vol. 5 No. 7

(Sep 25, 2018) Time for a little California sun for Pru and Opt-Out. Now that GDPR is managed, what's there to worry about ... Right? Click on the image below if you would like to download a high-resolution pdf to print and hang in your office. (25.7MB)  ... Read More