CPRA enforcement has gone through many twists and turns over the years, and it’s completely reasonable to be a bit confused about what’s happened.
After a last-minute reversal, the CPRA is fully enforceable as of July...more
With so much of our society’s data flowing through digital platforms, keeping it safe is increasingly crucial. If your business has access to any personal information (PI)—a person's full name, phone number, email address,...more
Consumers in the Garden State now have comprehensive data privacy protections. But what does that mean for New Jerseyans?
With Gov. Phil Murphy signing Senate Bill 332 (S332/A1971), businesses and entities such as...more
Wouldn’t life be easier if you could just drop whatever cookies you liked onto your website visitors’ browsers? After all, cookies are nothing more than strings of text—you could have your website use dozens of cookies and it...more
Running a business is complex, and there is no end to the number of different domains that you’ll need to be familiar with if you want to be successful. Data privacy professionals might not need to ask what data privacy...more
Understanding cookies and consent management is an important step to becoming compliant with modern data privacy regulations, but there’s another piece of the puzzle: Cookie governance.
Good cookie governance is what...more
Data privacy has never been more top of mind. From regulators to businesses, privacy professionals to consumers, and more, everyone has a stake in data privacy.
With all this attention and focus, the data privacy world...more
Dark patterns, also known as deceptive design or deceptive patterns, are essentially tricks. Websites and apps use dark patterns to manipulate users into making decisions they wouldn’t have otherwise made—like subscribing to...more
With a patchwork of U.S. state privacy laws, there’s a lot of uncertainty about what needs to be done and when. Fortunately, you can become broadly compliant by following some basic best practices. If you tackle the steps in...more
Today, it’s borderline impossible to run a business without relying on a SaaS solution of some sort.
The average business relies on 130 different SaaS vendors. Year over year, those businesses increase their spend on...more
Indiana is now part of a growing list of states that extend data protection to its residents, all thanks to the Indiana Consumer Data Protection Act (INCDPA). Just like other states, they're making sure consumers have their...more
The patchwork of U.S. states enacting consumer data privacy laws continues to expand with the Delaware Personal Data Privacy Act (DPDPA). T
he law is being touted as “the strongest data privacy bill in the nation.”...more
On May 19, 2023, Montana officially became the ninth state to approve a state-level consumer data privacy law, joining the trend of states opting not to wait for a federal privacy law to mandate the protection of its...more
Tennessee has entered the consumer privacy playing field with the Tennessee Information Protection Act (TIPA), joining a growing cohort of American states that refuse to wait for a privacy law at the federal level....more
Oregon has joined the ranks of states to pass a comprehensive consumer privacy act. Senate Bill 619 (SB 619), also known as the Oregon Consumer Privacy Act or OCPA, is the culmination of four years of work by the Oregon...more
In the absence of a federal privacy law, states have been enacting their own, creating a patchwork of compliance laws with their own nuances.
On June 18, 2023, Texas Gov. Greg Abbot signed the Texas Data Privacy and...more
Any business interested in serving the fifth largest economy in the world needs to become compliant with the California Privacy Rights Act (CPRA). But that’s easier said than done.
The law has so many individual...more
How often does the word “right” show up in the text of the CCPA/CPRA?
Over 100 times.
Out of all those references to rights, it doesn’t seem that the rights of businesses are often discussed. In the CPRA,...more
It isn’t always easy for non-privacy experts to understand the point of all these data privacy regulations—surely, we’re all used to the idea that our data is up for grabs?...more
When you’re feeling curious about what a business is doing with your personal data, what do you do?
You could head down to their brick-and-mortar offices and demand to speak with a manager—but aside from maybe going...more
GDPR compliance can be tricky.
Even if you summon the willpower to read through the law’s text, it can be tough to know where to start. As an alternative to pouring through the GDPR’s legalese, one way to establish a...more
9/7/2023
/ Cybersecurity ,
Data Breach ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Data Subjects Rights ,
EU ,
General Data Protection Regulation (GDPR) ,
Personal Data
Jurisdictions across the globe are implementing their own unique take on data privacy legislation, and Canada’s Quebec province is no exception. Read on to learn all about what makes this law unique and how you can comply....more
Data subject access requests (DSARs), records of processing activities (RoPAs), vendor risk management, a dozen other data privacy compliance requirements—all of them depend upon or are significantly facilitated by a map of...more
If your business transfers data from the European Union to the United States, you’ve likely been keeping an eye on the EU-U.S. Data Privacy Framework (EU-U.S. DPF) for the past several years. The long-awaited adequacy...more
In March 2022, Utah became the fourth state to enact a comprehensive consumer data privacy law. Slated to go into effect in December 2023, the Utah Consumer Privacy Act (UCPA) is considered more business friendly than its...more