Podcast: Santa Clara County's CPO talks building a program from the ground up

(Jan 18, 2019) Michael Shapiro, CIPP/G, CIPP/US, is the chief privacy officer of Santa Clara County, home to Silicon Valley and an annual revenue of $7 billion. It's a big job. In this episode of The Privacy Advisor Podcast, Shapiro talks about whether he thinks this is the year for a federal privacy bill, nudged perhaps by the California Consumer Privacy Act of 2018. He also discusses building a privacy program from the ground up for an entire county, one that comprises so many different government entities (... Read More

Schrems accuses streaming services of GDPR violations

(Jan 18, 2019) Fortune reports privacy activist Max Schrems and his group None Of Your Business have filed complaints to Austria’s data protection authority alleging eight streaming services are in violation of the EU General Data Protection Regulation. Schrems and NOYB accuse the companies, which include Netflix, Amazon Prime, Apple Music, SoundCloud and Spotify, of failing to provide all the customer data necessary when an individual makes a data subject access request under Article 15. “Many services set up... Read More

The Privacy Advisor Podcast: Santa Clara County's CPO on building a privacy program from the ground up

(Jan 18, 2019) In this episode of The Privacy Advisor Podcast, Michael Shapiro, CIPP/G, CIPP/US, chief privacy officer of Santa Clara County, talks about whether he thinks this is the year for a federal privacy bill, nudged perhaps by the California Consumer Privacy Act of 2018. He also discusses building a privacy program from the ground up for an entire county, one that comprises so many different government entities (hospitals, police departments, social services) and with them so many laws and regulations ... Read More

DeID, pseudonymization, aggregation, and the CCPA

(Jan 17, 2019) The California Consumer Privacy Act is notorious for the haste with which it was drafted. Many provisions of the statute require clarification, and the attorney general’s office is holding a series of public forums before issuing clarifying regulations. Among the concepts not well defined by the CCPA are deidentification, pseudonymization and aggregation. In this piece for Privacy Tracker, IAPP Westin Fellow Mitchell Noordyke, CIPP/E, CIPP/US, takes a look at some of the challenges the CCPA crea... Read More

CCPA offers minimal advantages for deidentification, pseudonymization, and aggregation

(Jan 17, 2019) The California Consumer Privacy Act is notorious for the haste with which it was drafted. Many provisions of the statute require clarification, and the attorney general’s office is holding a series of public forums before issuing clarifying regulations. Among the concepts not well defined by the CCPA are deidentification, pseudonymization, and aggregation. It's helpful to take a look at some of the challenges the CCPA creates with its imprecise language regarding these topics and point out of t... Read More

Perspective: A data protection action plan for Brexit

(Jan 17, 2019) The potential U.K. withdrawal from the European Union hit a new snag this week after the U.K. Parliament overwhelmingly voted against the proposed Brexit plan that was negotiated between Prime Minister Theresa May and the EU. With uncertainty looming, Hogan Lovells Partner Eduardo Ustaran, CIPP/E, warns, "this is not the moment to be blind. ... if the U.K. leaves the EU without a deal, the implications for international data flows and privacy compliance generally will be severe. Therefore, Briti... Read More

Towards European Leadership on Innovation: Recommendations for the next Digital Single Market

(Jan 17, 2019) This document, published by Bitkom, proposes an agenda focused on achieving digital sovereignty for the European Union, emphasizing strategic investment in innovative technologies in Europe, as well as autonomously understanding and using digital technologies in both the public and the private sector. Bitkom lays out six key messages for the digital future of the European Union: Digital transformation means zero hour for the world economy Digitalisation is a means to an end Coherent digital... Read More

Brexit – A data protection action plan

(Jan 17, 2019) "There is cliff, whose high and bending head looks fearfully in the confined deep. Bring me to the very brim of it" says the blinded Earl of Gloucester in Shakespeare's King Lear, thinking that he is at the edge of the famous white cliffs of Dover. Right now, the whole of the U.K. appears to be on the same spot looking over a precipice. However, this is not the moment to be blind. As politicians struggle to find a magic formula for a prosperous Brexit, businesses are stepping up their efforts t... Read More

Web con: 'Data Privacy Control Centers: A New Information Privacy Management Structure?'

(Jan 16, 2019) After the EU General Data Protection Regulation went into effect and the California Consumer Privacy Act of 2018 was passed, organizations may need to consider the creation of privacy control centers to continuously monitor consent and rights requests, data risk and movement and other incidents. Join the IAPP Jan. 31 as privacy professionals discuss the ways they have prepared their organizations for compliance readiness and how entities can get a worldwide view of the personal data they possess... Read More

ANA asks Calif. attorney general for CCPA alterations

(Jan 16, 2019) Association of National Advertisers Senior Vice President of Government Relations Christopher Oswald urged California State Attorney General Xavier Becerra to alter parts of the California Consumer Privacy Act of 2018, MediaPost reports. Oswald spoke at the attorney general’s public CCPA forum in San Diego, where he told Becerra’s office the definition of personal information is too broad and added marketers may not be able to notify consumers about the personal information they may possess shou... Read More