Thinking through ACL-aware data processing

(Jul 17, 2019) Large cloud computing services are generally run for multiple users. In a few cases, all the data processed by that service is public. In virtually all cases, users have an expectation that some of the information about them is kept private. Even if the data store itself is public, logs about access to that data are generally not. Keeping each person’s information separate is most simple in the primary data stores, where each object can easily have its own access control list. Once we step into... Read More

Tech talk: Exploring ACL-aware data processing

(Jul 17, 2019) Large cloud computing services are generally run for multiple users. In a few cases, all the data processed by that service is public. In virtually all cases, users have an expectation that some of the information about them is kept private. Even if the data store itself is public, logs about access to that data are generally not. Keeping each person’s information separate is most simple in the primary data stores, where each object can easily have its own access control list. However, most clou... Read More

Global Data Breach Notification Law Library

(Jul 16, 2019) This free tool from RADAR allows users to access a library containing hundreds of global privacy laws, rules, and regulations to stay current on existing and proposed legislation. Features in this tool include: Interactive maps to quickly identify notification laws pertaining to a designated U.S. state. Up-to-date overviews of global breach notification laws and all 50 U.S. state regulations. Incident risk assessment and data breach reporting requirements - as well as penalties for non-comp... Read More

NIST presents latest Privacy Framework draft

(Jul 12, 2019) A new U.S. privacy framework is quickly approaching completion. The National Institute of Standards and Technology, which holds the drafting pen, is encouraging stakeholders to share their feedback soon. Since last October, NIST has been working to develop its Privacy Framework to help organizations identify, internalize and address privacy risk. On July 8 and 9, NIST presented its latest draft of the framework during a workshop in Boise, Idaho, and solicited feedback from participants. Througho... Read More

NIST Privacy Framework nearing completion

(Jul 12, 2019) A new U.S. privacy framework is quickly approaching completion. The National Institute of Standards and Technology, which holds the drafting pen, is encouraging stakeholders to share their feedback soon. Since last October, NIST has been working to develop its Privacy Framework to help organizations identify, internalize and address privacy risk. The framework presents the building blocks of a comprehensive data management program that can be implemented across an organization. NIST aims to bri... Read More

IAPP Privacy Tech Vendor Reports

(Jul 8, 2019) The IAPP Privacy Tech Vendor Report identifies companies offering privacy technology solutions and loosely categorizes the types of solutions they offer — from assessment managers to data discovery tools. On this page, you can view editions of the Privacy Tech Vendor Report, organized by the year in which they were published. Read More

IAPP-TrustArc release report on how privacy tech is bought, deployed

(Jun 27, 2019) For the second year running, the IAPP, together with TrustArc, surveyed 345 privacy professionals around the globe to gain an understanding of how privacy technology products are purchased and deployed within an organization. Since 2017, the IAPP has mapped out the privacy tech marketplace through the IAPP Privacy Tech Vendor Report, which identifies 10 categories of products. Like the 2018 survey, results this year shine a light on which products are in use and under whose budget privacy tech p... Read More

Report: US banking apps have security, privacy issues

(Jun 12, 2019) Security firm Zimperium says most of the top banking apps have security flaws that put user data at risk, TechCrunch reports. Researchers found most banking apps do not follow best coding practices and use outdated open-source code, while some share customer data with advertisers. Both iOS and Android banking apps are affected, with the worst iOS app scoring 86 out of 100 on the risk scale for privacy issues; Android app scores for the same banking app were higher. Several iOS and Android bankin... Read More