GDPR one year later: Looking backward and forward

(May 24, 2019) Late May is a good time for privacy regulations to come into effect. Prior to May, short days, cold weather and rain typically keep us indoors anyway, so what better to do than work on data protection? But, after May, it’s helpful to have things mostly in order to allow for more time wandering in and thinking about nature instead of data. Isn’t it? Well (wistfully), for many data protection officers, May 25, 2018, was hardly an ending. At the IAPP, we kept working into the summer and beyond to ... Read More

DPO Confessional: What we've done since May 25, 2018

(May 24, 2019) There has been no shortage of EU General Data Protection Regulation one-year articles in the last week or two and with reason. It has been a game changer. It has required a lot of sweat and tears (hopefully no blood). And though May 25, 2018, may have ended the "ramping-up period," it "was hardly an ending," writes IAPP Data Protection Officer Rita Heimes, CIPP/E, CIPP/US, CIPM. "At the IAPP, we kept working into the summer and beyond to fine-tune new affirmative opt-in consent systems for marke... Read More

The IAPP's top-five most-read stories, May 17–23, 2019

(May 24, 2019) We know, there's lots of privacy news, guidance and documentation to keep up with every day. And we also know, you're busy doing all the things required of the modern privacy professional. Sure, we distill the latest news and relevant content down in the Daily Dashboard and our weekly regional digests, but sometimes that's even too much. To help, we offer our top-five, most-read stories of the week. Though May 25 lands on a Saturday this year, much of this last week involved data and reflection... Read More

The IAPP's top-five most-read stories since May 17, 2019

(May 24, 2019) We know, there's lots of privacy news, guidance and documentation to keep up with every day. And we also know, you're busy doing all the things required of the modern privacy professional. Sure, we distill the latest news and relevant content down in the Daily Dashboard and our weekly regional digests, but sometimes that's even too much. To help, we offer our top-five, most-read stories of the week. Full Story... Read More

Therrien speaks on Digital Charter, trans-border data flow consultation at CPS19

(May 24, 2019) Privacy Commissioner of Canada Daniel Therrien believes the question about whether privacy legislation should be amended is in the past. It is no longer should the country's privacy laws be amended, but what is the best way to do so, and with the announcement of the country's Digital Charter, the commissioner said the federal government seems to agree. Therrien covered the latest development during his keynote speech at the IAPP Canada Privacy Symposium here in Toronto. The commissioner also an... Read More

GDPR Genius

(May 23, 2019) This interactive tool provides IAPP members ready access to critical GDPR resources — enforcement precedent, interpretive guidance, expert analysis and more — all in one location. Read More

Law firm debuts app to aid CCPA compliance

(May 23, 2019) Law firm Wilson Sonsini has debuted the SixFifty Privacy app ahead of the implementation date of the California Consumer Privacy Act, eWEEK reports. The app is intended to help businesses become compliant with the new law by automating the main components of the CCPA, including features for collecting, managing and fulfilling consumer requests within 45 days; mapping a business’ data flow; creating policies and compliance documents; and training employees who handle consumer information on the n... Read More

Help benchmark industry practices

(May 22, 2019) Yes, it's that time of year again: This month, the IAPP and EY launch the 5th Annual Privacy Governance Survey, which produces annually the most authoritative benchmarking data anywhere for the privacy industry. With your help, we have created a vast storehouse of information on budgeting, staffing, priorities, practices, reporting structure and responses to the EU General Data Protection Regulation (see last year's report here), all freely available. And we need your help yet again. Click on th... Read More

European Commission comments on GDPR's one-year anniversary

(May 22, 2019) May 25, 2019, marks the one-year anniversary of the EU General Data Protection Regulation. “These game-changing rules have not only made Europe fit for the digital age, they have also become a global reference point,” Vice President for the Digital Single Market Andrus Ansip and Commissioner for Justice, Consumers and Gender Equality Věra Jourová said in a joint statement. The priority for the upcoming months is to ensure proper and equal implementation of the GDPR in the member states. The firs... Read More

False alarm gives glimpse into how companies handle breach notifications

(May 22, 2019) Vice reports AT&T mistakenly published its template for notifying customers of a data breach during website testing this week. The website posted a banner that notified users of a possible breach and linked it with an FAQ that discussed incident containment and impact, among other related topics. However, the list of questions was incomplete as some featured fill-in-the-blank criteria, including the number of people affected and the status of containment. “We apologize for any confusion or i... Read More