Major changes to California privacy law likely scuttled
An initiative to strengthen and enhance the California Consumer Privacy Act was basically left for dead in that state’s legislature.
How to Tackle CCPA Compliance – Expert Guidance and Benchmarking Insights
Webcast details: June 4, 2019 – 2 p.m. ET | CPE Credit(s): 1
EU data supervisor warns online providers about Ts & Cs
The European Data Protection Supervisor is warning social media and tech companies that their consumer terms and conditions may soon come under increased scrutiny if they fail to comply with the agency’s rules.
Happy Birthday GDPR
Webcast details: May 23, 2019 – 2 p.m. ET | CPE Credit(s): 1
Washington state privacy legislation fades, for now
The second proposed data privacy regulation in the nation has failed to come to fruition for the time being.
Survey: Companies just starting to prepare for CCPA
A new study from Compliance Week and TrustArc says companies are not yet prepared for the coming California Consumer Privacy Act, the Golden State’s version of the EU’s GDPR.
EDPS investigating contractual arrangements concerning software used by EU firms
The European Data Protection Supervisor, which is responsible for enforcing and monitoring EU companies’ compliance with data protection rules, said it is has launched an investigation into the compliance of contractual arrangements between EU institutions and Microsoft.
Facebook’s Zuckerberg supports U.S. version of GDPR
On his own company blog, Facebook CEO Mark Zuckerberg voiced his support for implementing a U.S. version of the European Union’s General Data Protection Regulation.
2019’s Key Tech Trend for Capital Markets? That’s Private
To get the full use of your data as data privacy rules increase, you need an innovative technology approach.
Following Privacy’s Yellow Brick Road with BDO: GDPR – CCPA
With new privacy regulations in the works, the California Consumer Privacy Act (CCPA), effective January 2020, stands out as the next big privacy regulation companies will need to grapple with.
Survey: Companies lag behind with CCPA compliance
With a January 2020 deadline just 10 months away, only 14 percent of companies report they are compliant with the California Consumer Privacy Act. Nearly half have not yet started implementation, says a new survey from TrustArc.
Dutch DPA: Forcing users to agree to ‘cookies’ violates GDPR
The Dutch Data Protection Authority says giving visitors access to websites only if they agree to their internet browsing activities being tracked by so-called “cookies” or other tracking software does not comply with the EU’s General Data Protection Regulation.
GDPR is Just the Beginning: Legal Principles & Tools to Stay Ahead of the Curve
Just this year, countries that consist of 50% of the world’s GDP are considering or enforcing stricter data regulations. Fines from 2 to 4% of a company’s global annual revenue to criminal sanctions are available under the GDPR and in emerging jurisdictions such as Asia and Latin America. In the ...
Facebook: Can a data privacy dog really learn new tricks?
Mark Zuckerberg, founder and CEO of Facebook, wrote a long, detailed blog post on Wednesday to announce new data security and privacy initiatives. Has he seen the light, or is this yet another false promise from the social media giant?
FTC proposes consumer data rule changes for financial institutions
The Federal Trade Commission is seeking public comment on proposed amendments to rules under the Gramm-Leach-Bliley Act that protect the privacy and security of customer information held by financial institutions.
Internal audit still vexed by data, third-party risks
Internal audit is making strides in steering its focus and resources toward companies’ emerging risks—but there’s still some work to be done, the IIA says.
Hilary Wandall on U.S. data privacy priorities
Hilary Wandall, senior vice president, general counsel, and chief data governance officer at TrustArc, explains to columnist Tom Fox why U.S. companies should address data privacy now, regardless of their motivations.
Understanding NIST’s new Risk Management Framework
NIST’s new Risk Management Framework—used with the agency’s Cybersecurity Framework—offers companies direction in integrating cyber-security, privacy, and supply-chain risk management.
Are You Doing Enough on Data Privacy? Results of the 2018 Data Privacy Survey
As Europe settles into life under the General Data Protection Regulation (GDPR), the United States is grappling with potential legislation of its own to protect consumer information. Questions remain about what U.S. data privacy legislation might look like, but companies have already begun to strategize.
Turn Data Privacy Regulation into Competitive Advantage
If you are feeling challenged by new privacy regulations, you’re not alone. It’s increasingly difficult to create a consolidated view of data across borders to enable innovation and more efficient controls. So how do you keep innovation projects running amidst “data minimization” initiatives?
Data-bungling Facebook has to earn back our trust
It was a tight race, but we are officially declaring Facebook founder and CEO Mark Zuckerberg as the executive most in need of a compliance makeover in 2019.
Top ethics and compliance failures of 2018
The biggest ethics and compliance failures of 2018 feature some big names, such as Wells Fargo, Danske Bank, and Tesla, and highlight some key lessons for compliance officers.
The coming wave of data privacy compliance challenges
Establishing an effective and compliant data privacy plan isn’t easy considering insufficient U.S. regulation, flaws with the EU’s GDPR, and Big Data feeding the beast.
GDPR, Brexit keep compliance on its toes
The EU’s General Data Protection Regulation and Britain’s upcoming divorce from the European Union both have a tremendous impact on European compliance, but strategizing solutions around either one has proven to be difficult due to a lack of guidance and, in the case of Brexit, just plain chaos.
Regulators raise problem of AI in decision making and accountability
Are companies transferring too much decision-making power to machines? That’s the opinion of EU data regulators, who say companies should “think seriously” about telling investors and stakeholders automatons are now in charge of their data.
‘No-deal’ Brexit risks U.K. and EU data transfer problems
In the event of a ‘no-deal’ Brexit, EU data commissioners are warning of data transfer restrictions between the European Union and the United Kingdom, which will be treated as a third country.
Compliance is feeling GDPR’s growing pains
Six months after its enactment, the EU’s data privacy regulation still hasn’t provided the clarity many were looking for … and it might not come for a while yet.
Privacy advocate Schrems foresees lax enforcement of GDPR
Speaking at the recent Compliance Week Europe conference in Amsterdam, leading privacy campaigner Max Schrems cast doubt on whether the newly enacted GDPR would have any teeth.
Three unintended consequences of data privacy rules
Some will argue a strict data privacy regime will have a negative effect on growing companies, create conflicting requirements in other instances, and potentially cause impediments to corporate investigations. We explore all three.
Counterpoint: States should steer data privacy law
Common Sense Media Founder and CEO James Steyer lays out the three key reasons why individual state privacy laws would trump a federal mandate.
Point: Protecting privacy should be federal government’s job
Cameron F. Kerry, senior counsel at Sidley Austin, explains how a federal data privacy law could represent a win for business, privacy advocates, and consumers.
What federal data privacy legislation might look like, and how you can prepare
Components from preexisting privacy laws are likely to compose a significant portion of the parameters into which a federal privacy mandate would fit, writes our guest columnist.
A view from beyond the tech giants
Organizations in sectors outside of technology are voicing their opinions on what a data privacy regulation should entail.
Tech companies push for national privacy framework
Commonalities among tech companies, when it comes to U.S. data privacy legislation, include a single-standard approach, elevating the FTC, and mandating a risk-based methodology.
FAQ: Understanding U.S. privacy protections in place and under consideration
The following is a look at some of the many questions companies may have as debates continue over national and state laws and regulations pertaining to data privacy protections.
Elements of a best-in-class data privacy program
Struggling to keep up with privacy regs? Stop the guesswork and follow these best practices for thinking strategically about how privacy practices fit into the overall business strategy.
Special report: Data privacy
International and domestic legislators and regulators threaten an end of the self-regulation of consumer data.