Op-ed: News organizations also have privacy problems

(Sep 19, 2019) In the latest installment in The New York Times’ Privacy Project, Carnegie Mellon University Computer Science Faculty Member Timothy Libert writes that while the media has done a good job reporting on privacy violations by major companies, “news sites often expose users to the same surveillance programs and data-collection companies they criticize.” He writes that this type of surveillance is problematic because the news an individual reads can identify political beliefs and health information t... Read More

Op-ed: Is protecting privacy your responsibility?

(Sep 18, 2019) New York Times Opinion Writer Charlie Warzel writes the responsibility of data protection should be shifted from the user to the institution. He writes, "privacy is too often framed around choice and consent by those who are doing the invading." Warzel says putting the onus on the individual is an unfair expectation to place on users, adding, "even with best privacy practices, engaging with most technology and living life online means having your data exploited constantly — there’s no choice." (... Read More

Mary Stone Ross on the latest CCPA amendment updates

(Sep 16, 2019) The Legislature in Sacramento finished its session last Friday, Sept. 13, and will no longer be able to make changes to the California Consumer Privacy Act before it goes into effect Jan. 1, 2020. "Assuming that California Gov. Gavin Newsom signs all of these laws — he has until Oct. 13 — these amendments will leave the 'right to know' intact but make significant changes including to some of the definitions, the non-discrimination provision, and how a consumer makes a verifiable request," writes... Read More

Inside the Privacy Shield annual review: Increasing common ground

(Sep 16, 2019) Dozens of senior U.S. and EU government officials gathered at the National Press Club in Washington last week for the Privacy Shield annual review. They were joined by officials from data protection authorities in Austria, Bulgaria, France, Germany and Hungary to discuss whether the three-year-old framework is functioning as intended. I had the opportunity to catch up with Privacy Shield Director Alex Greenstein shortly after the review concluded Friday evening to get his take on how it all wen... Read More

A look at the latest CCPA amendment updates

(Sep 16, 2019) The Legislature in Sacramento finished its session last Friday, Sept. 13 and will no longer be able to make changes to the California Consumer Privacy Act before it goes into effect Jan. 1, 2020.  Assuming that California Gov. Gavin Newsom signs all of these laws — he has until Oct. 13 — these amendments will leave the "right to know" intact but make significant changes including to some of the definitions, the non-discrimination provision, and how a consumer makes a verifiable request. The le... Read More

Op-ed: U.S. needs national data broker registry until federal privacy law arrives

(Sep 16, 2019) In an op-ed for The New York Times, Acxiom Chief Data Ethics Officer Jordan Abbott, CIPP/E, CIPP/US, CIPM, writes the U.S. should establish a national data broker registry to bridge the gap until a federal privacy law is established. A data broker registry can help consumers learn about how their data is used, as well as help to distinguish between legitimate entities and bad actors, Abbott states. “Increasing transparency — initially through a data broker registry and ultimately through a robus... Read More

The role of the UK representative post-Brexit

(Sep 12, 2019) Brexit — love it or hate it, there is a significant chance it will happen. If the United Kingdom leaves the European Union without a deal Nov. 1, it will automatically cease to be a member of the EU. U.K.-based companies will no longer be regulated under the EU General Data Protection Regulation Article 3(1), and U.K.-based individuals will no longer benefit from the protections offered to EU-based individuals by the GDPR. However, as with most Brexit issues, that isn’t even half the story. Th... Read More

An update on efforts to curb synthetic ID fraud

(Sep 11, 2019) It has been almost a year since I wrote about synthetic identity fraud and a then-new federal U.S. law intended to curb it. While a lot of work has been done since then, not much of it has made headlines. A refresher: In May 2018, Congress enacted a law directing the U.S. Social Security Administration to build a system to connect with financial institutions that is capable of verifying in real time whether a given name, date of birth and Social Security number are a match with what the SSA has... Read More

New study assesses GDPR progress in EU, US, China and Japan

(Sep 11, 2019) Now that the implementation date for the EU General Data Protection Regulation is nearly 16 months in the past, law firm McDermott Will & Emery, together with the Ponemon Institute, has conducted a new survey to assess how businesses in the EU, U.S., China and Japan are grappling with GDPR compliance. According to the results, businesses across the globe continue to face challenges understanding and responding to EU data breaches, despite making investments in new personnel and changing busi... Read More

What work has been done on the continued battle against synthetic ID fraud?

(Sep 11, 2019) In May 2018, Congress enacted a law directing the U.S. Social Security Administration to build a system to connect with financial institutions that is capable of verifying in real time whether a given name, date of birth and Social Security number are a match with what the SSA has on file in an effort to combat synthetic identity fraud. In this piece for Privacy Perspectives, Jason Kratovil, CIPP/US, looks at what has happened since last May, as synthetic identity fraud has gone up and the Consu... Read More