Data Privacy


Major changes to California privacy law likely scuttled


An initiative to strengthen and enhance the California Consumer Privacy Act was basically left for dead in that state’s legislature.


How to Tackle CCPA Compliance – Expert Guidance and Benchmarking Insights

2019-05-07T14:59:00+01:00Provided by

Webcast details: June 4, 2019 – 2 p.m. ET   |  CPE Credit(s): 1


EU data supervisor warns online providers about Ts & Cs


The European Data Protection Supervisor is warning social media and tech companies that their consumer terms and conditions may soon come under increased scrutiny if they fail to comply with the agency’s rules.


Happy Birthday GDPR

2019-05-01T17:44:00+01:00Provided by

Webcast details: May 23, 2019 – 2 p.m. ET   |  CPE Credit(s): 1


Washington state privacy legislation fades, for now

2019-04-23T19:07:00+01:00By DeAnn Orie

The second proposed data privacy regulation in the nation has failed to come to fruition for the time being.


Survey: Companies just starting to prepare for CCPA


A new study from Compliance Week and TrustArc says companies are not yet prepared for the coming California Consumer Privacy Act, the Golden State’s version of the EU’s GDPR.


EDPS investigating contractual arrangements concerning software used by EU firms


The European Data Protection Supervisor, which is responsible for enforcing and monitoring EU companies’ compliance with data protection rules, said it is has launched an investigation into the compliance of contractual arrangements between EU institutions and Microsoft.


Facebook’s Zuckerberg supports U.S. version of GDPR


On his own company blog, Facebook CEO Mark Zuckerberg voiced his support for implementing a U.S. version of the European Union’s General Data Protection Regulation.

2019s key tech cover img

2019’s Key Tech Trend for Capital Markets? That’s Private

2019-03-26T17:37:00+00:00Provided by

To get the full use of your data as data privacy rules increase, you need an innovative technology approach.


Following Privacy’s Yellow Brick Road with BDO: GDPR – CCPA

2019-03-26T17:37:00+00:00Provided by

With new privacy regulations in the works, the California Consumer Privacy Act (CCPA), effective January 2020, stands out as the next big privacy regulation companies will need to grapple with.


Survey: Companies lag behind with CCPA compliance


With a January 2020 deadline just 10 months away, only 14 percent of companies report they are compliant with the California Consumer Privacy Act. Nearly half have not yet started implementation, says a new survey from TrustArc.


Dutch DPA: Forcing users to agree to ‘cookies’ violates GDPR


The Dutch Data Protection Authority says giving visitors access to websites only if they agree to their internet browsing activities being tracked by so-called “cookies” or other tracking software does not comply with the EU’s General Data Protection Regulation.

immuta 300x200

GDPR is Just the Beginning: Legal Principles & Tools to Stay Ahead of the Curve

2019-03-12T14:00:00+00:00Provided by Immuta

Just this year, countries that consist of 50% of the world’s GDP are considering or enforcing stricter data regulations. Fines from 2 to 4% of a company’s global annual revenue to criminal sanctions are available under the GDPR and in emerging jurisdictions such as Asia and Latin America. In the ...

columnist icons2

Facebook: Can a data privacy dog really learn new tricks?


Mark Zuckerberg, founder and CEO of Facebook, wrote a long, detailed blog post on Wednesday to announce new data security and privacy initiatives. Has he seen the light, or is this yet another false promise from the social media giant?


FTC proposes consumer data rule changes for financial institutions


The Federal Trade Commission is seeking public comment on proposed amendments to rules under the Gramm-Leach-Bliley Act that protect the privacy and security of customer information held by financial institutions.


Internal audit still vexed by data, third-party risks


Internal audit is making strides in steering its focus and resources toward companies’ emerging risks—but there’s still some work to be done, the IIA says.


Hilary Wandall on U.S. data privacy priorities


Hilary Wandall, senior vice president, general counsel, and chief data governance officer at TrustArc, explains to columnist Tom Fox why U.S. companies should address data privacy now, regardless of their motivations.


Understanding NIST’s new Risk Management Framework


NIST’s new Risk Management Framework—used with the agency’s Cybersecurity Framework—offers companies direction in integrating cyber-security, privacy, and supply-chain risk management.

rsa 300x200

Are You Doing Enough on Data Privacy? Results of the 2018 Data Privacy Survey

2019-01-31T14:00:00+00:00Provided by

As Europe settles into life under the General Data Protection Regulation (GDPR), the United States is grappling with potential legislation of its own to protect consumer information. Questions remain about what U.S. data privacy legislation might look like, but companies have already begun to strategize.

hitachi 300x200

Turn Data Privacy Regulation into Competitive Advantage

2019-01-29T14:00:00+00:00Provided by

If you are feeling challenged by new privacy regulations, you’re not alone. It’s increasingly difficult to create a consolidated view of data across borders to enable innovation and more efficient controls. So how do you keep innovation projects running amidst “data minimization” initiatives?

David Lefort

Data-bungling Facebook has to earn back our trust


It was a tight race, but we are officially declaring Facebook founder and CEO Mark Zuckerberg as the executive most in need of a compliance makeover in 2019.

columnist icons

Top ethics and compliance failures of 2018


The biggest ethics and compliance failures of 2018 feature some big names, such as Wells Fargo, Danske Bank, and Tesla, and highlight some key lessons for compliance officers.


The coming wave of data privacy compliance challenges


Establishing an effective and compliant data privacy plan isn’t easy considering insufficient U.S. regulation, flaws with the EU’s GDPR, and Big Data feeding the beast.

David Lefort

GDPR, Brexit keep compliance on its toes


The EU’s General Data Protection Regulation and Britain’s upcoming divorce from the European Union both have a tremendous impact on European compliance, but strategizing solutions around either one has proven to be difficult due to a lack of guidance and, in the case of Brexit, just plain chaos.


Regulators raise problem of AI in decision making and accountability


Are companies transferring too much decision-making power to machines? That’s the opinion of EU data regulators, who say companies should “think seriously” about telling investors and stakeholders automatons are now in charge of their data.


‘No-deal’ Brexit risks U.K. and EU data transfer problems


In the event of a ‘no-deal’ Brexit, EU data commissioners are warning of data transfer restrictions between the European Union and the United Kingdom, which will be treated as a third country.


Compliance is feeling GDPR’s growing pains


Six months after its enactment, the EU’s data privacy regulation still hasn’t provided the clarity many were looking for … and it might not come for a while yet.


Privacy advocate Schrems foresees lax enforcement of GDPR


Speaking at the recent Compliance Week Europe conference in Amsterdam, leading privacy campaigner Max Schrems cast doubt on whether the newly enacted GDPR would have any teeth.


Three unintended consequences of data privacy rules

2018-11-27T12:30:00+00:00By Compliance Week

Some will argue a strict data privacy regime will have a negative effect on growing companies, create conflicting requirements in other instances, and potentially cause impediments to corporate investigations. We explore all three.


Counterpoint: States should steer data privacy law

2018-11-27T12:30:00+00:00By Jim Steyer

Common Sense Media Founder and CEO James Steyer lays out the three key reasons why individual state privacy laws would trump a federal mandate.


Point: Protecting privacy should be federal government’s job

2018-11-27T12:15:00+00:00By Cameron F. Kerry

Cameron F. Kerry, senior counsel at Sidley Austin, explains how a federal data privacy law could represent a win for business, privacy advocates, and consumers.


What federal data privacy legislation might look like, and how you can prepare

2018-11-27T12:00:00+00:00By Hilary Wandall

Components from preexisting privacy laws are likely to compose a significant portion of the parameters into which a federal privacy mandate would fit, writes our guest columnist.


A view from beyond the tech giants


Organizations in sectors outside of technology are voicing their opinions on what a data privacy regulation should entail.


Tech companies push for national privacy framework


Commonalities among tech companies, when it comes to U.S. data privacy legislation, include a single-standard approach, elevating the FTC, and mandating a risk-based methodology.


FAQ: Understanding U.S. privacy protections in place and under consideration

2018-11-26T11:45:00+00:00By Compliance Week

The following is a look at some of the many questions companies may have as debates continue over national and state laws and regulations pertaining to data privacy protections.


Elements of a best-in-class data privacy program


Struggling to keep up with privacy regs? Stop the guesswork and follow these best practices for thinking strategically about how privacy practices fit into the overall business strategy.


Special report: Data privacy


International and domestic legislators and regulators threaten an end of the self-regulation of consumer data.