Schrems 2.0: Expert Testimony

(Sep 7, 2017) On this page, the International Association of Privacy Professionals is pleased to publish testimony from a potentially landmark case currently before the High Court of Ireland. The current case follows the 2015 decision by the Court of Justice of the European Union in Schrems v. Facebook, in which the CJEU struck down the EU-U.S. Safe Harbor. The current case was also brought by Austrian lawyer Max Schrems against Facebook, this time challenging the adequacy of protection for personal data tran... Read More

How three West Coast law schools are filling the cyber-lawyer gap

(Aug 21, 2017) The need for IT-trained cybersecurity professionals is big and growing bigger. But cybersecurity is a team sport, and IT cyber warriors are but one type of player. Questions like, “What are my obligations during a ransomware attack?” should be tackled by cyber counsel and IT professionals working together. East Coast schools, like Georgetown University, recognized early the need for trained cyber lawyers, and several of them run mature cyberlaw programs. But Southern California law schools have ... Read More

Certifications, Seals and Marks under the GDPR and Their Roles as Accountability Tools and Cross-Border Data Transfer Mechanisms

(Aug 4, 2017) The Center for Information Policy Leadership produced this paper as part of its project (CIPL GDPR Project) on the consistent interpretation and implementation of the GDPR. In this paper, CIPL aims to provide the WP29, the EU Commission and data privacy practitioners with input on certifications, seals and marks under the GDPR and the roles of these instruments as accountability tools and cross-border data transfer mechanisms. The paper intends to facilitate the development of certifications, se... Read More

IAPP to launch certification exams in French and German

(Aug 1, 2017) This fall, the IAPP will launch beta testing for newly translated CIPP/E and CIPM exams, which have, up until now, been offered in English only. The exams will now be offered in French and German. IAPP Certification Exam Director Doug Forman said expanding the language offerings of the exams is a response, in part, to the implementation of the EU General Data Protection Regulation and the spike in demand that has created for privacy professionals. In addition, the annual update to the CIPP/US, C... Read More

IAPP to launch certification exams in French and German

(Aug 1, 2017) This fall, the IAPP will launch beta testing for newly translated CIPP/E and CIPM exams, which have, up until now, been offered in English only. The exams will now be offered in French and German.  IAPP Certification Director Doug Forman said expanding the language offerings of the exams is a response, in part, to the implementation of the EU General Data Protection Regulation and the spike in demand that has created for privacy professionals. It's also a recognition that taking the test is har... Read More

The Privacy Advisor Podcast: What's it like to be just starting out?

(Jul 28, 2017) It seems to be the experience of many privacy pro newbies, anecdotally at least, that many employers are looking for pros who have at least a few years of experience to start, and, typically, they want them to be lawyers. But if everyone wants someone with experience, how does anyone get their start? In this episode of The Privacy Advisor Podcast, IAPP Westin Fellows Cobun Keegan, CIPP/US, CIPM, and Calli Schroeder, CIPP/C, CIPP/E, CIPP/US, CIPM, discuss what it's like to be just starting out in... Read More

An Assessment of the Commission's Proposal on Privacy and Electronic Communications

(Jul 25, 2017) This study, commissioned by the European Parliament’s Policy Department for Citizens’ Rights and Constitutional Affairs at the request of the LIBE Committee, appraises the European Commission’s proposal for an ePrivacy Regulation. The study assesses whether the proposal would ensure that the right to the protection of personal data, the right to respect for private life and communications, and related rights enjoy a high standard of protection. The study also highlights the proposal’s potential ... Read More

HHS opens 'call for abstracts' for data privacy event

(May 11, 2017) The U.S. Department of Health and Human Services' Office of Privacy and Information Management has announced a "call for abstracts" for an upcoming event on "Data Privacy in the Digital Age." Set for Oct. 26, 2017, the event will cover a number of areas, including the internet of things in the health space; mobile health apps; wearables; privacy-enhancing technology, such as differential privacy; big data; genetic databases; privacy and health information management in the cloud; wellness progra... Read More

Estimating the re-identification risk of clinical data sets

(Apr 28, 2017) This study by Fida Kamal Dankar, Khaled El Emam, Angelica Neisa and Tyson Roffey identifies a decision rule that can be used by health privacy researchers and disclosure control professionals to estimate uniqueness in clinical data sets. The authors state it provides a reliable way to measure re-identification risk. Read Now... Read More

Book Review: 'Privacy Law Fundamentals 2017'

(Mar 28, 2017) The newest edition of the Privacy Law Fundamentals by Dan Solove and Paul Schwartz, published in 2017, has a lot to offer and is indeed a great reference book for every privacy professional to have in their library, writes ShanShan Pa. The third edition builds on former versions in its layout and design as well as the latest developments in privacy law both in the U.S. and globally, and is a useful reference for both new privacy pros and veterans. Read More