Governance, risk, and compliance (GRC) can feel like thankless work at times. You can’t ship risk mitigation to market. It's not usually reflected on your balance sheet. Only especially canny investors notice the absence of...more
When we write about data privacy, it’s easy to default to talking to “privacy professionals.”
But take a look at the privacy management industry: The privacy program managers, chief privacy officers, and other purely...more
Heraclitus said that “The only constant in life is change,” but privacy professionals don’t need to turn to ancient Greek philosophy to grasp this concept. We can just use our eyes and observe our colleagues, industry,...more
Businesses in the US will be subject to a lot more scrutiny from consumers and regulators in 2025. With eight new data privacy laws going into effect over the course of the year, attorneys general will be eager to show...more
We've all heard the saying, "Teamwork makes the dream work," but for privacy professionals, this isn't just an inspirational quote—it's a necessity. Specifically, collaboration with colleagues in security; privacy; and...more
Modern businesses have to be compliant with data privacy regulations. Everyone knows that.
But nobody likes being told they have to do something. Especially not when that something seems like an expensive, complicated...more
Getting the business to say “yes” to data privacy isn’t easy. Yet it remains one of the central tasks a data privacy professional must undertake.
After all, you can’t protect consumers, protect your organization, and achieve...more
Starting January 1, 2026, businesses operating in Rhode Island will need to comply with the Rhode Island Data Transparency and Privacy Protection Act, a mouthful of a law abbreviated as RIDTPPA. (Not exactly catchy, is it?)...more
In our recent webinar, It’s Time to Think About Data Mapping Differently, a poll revealed some interesting information: Nearly 50 percent of respondents house their data map in a spreadsheet. (Roughly 15 percent say they...more
Navigating the stringent requirements of data subject access requests (DSARs) can feel like summitting a mountain—the path forward isn’t always clear, pitfalls abound, and you’re fighting gravity all the way....more
As we wait for a federal privacy law in the U.S., the Land of 10,000 Lakes joins a growing number of states that now have their own laws. As expected, Minnesota’s data privacy law has similarities to other state privacy laws...more
If you’re a data person, or even if you’re not, you may have heard the statistic cited by Eric Schmidt, executive chairman at Google: “There were 5 exabytes of information created between the dawn of civilization through...more
Maryland recently joined the growing number of states enacting comprehensive consumer data privacy laws with the passage of the Maryland Online Data Privacy Act (MODPA).
Despite similarities with several other state...more
It’s official—the Cornhusker State has a new data privacy law. The Nebraska Data Privacy Act (NDPA) is now among the growing number of state laws businesses must contend with absent a federal law....more
It’s official. Kentucky will join Indiana, New Hampshire, and a slew of other states with the enactment of a comprehensive data privacy act.
The Kentucky Consumer Data Protection Act (KCDPA)–at least this iteration of...more
New Hampshire has joined the many other states implementing comprehensive data privacy laws in the absence of an overarching federal regulation. While this means greater complexity for businesses, we’ve got you covered. Read...more
One of data privacy’s greatest challenges is that it can all feel just so abstract.
What does it really mean for an individual’s data to be at “risk”? What activities are riskier than others?...more
Preference centers sit at the intersection of user experience and compliance. Whether you’re a compliance professional, marketer, or engineer, a well-designed preference center can help you make an impact on how your audience...more
For your business’s audience, choice and control are paramount. Nobody likes having no say in how they engage with a business or what that business does with their information....more
CPRA enforcement has gone through many twists and turns over the years, and it’s completely reasonable to be a bit confused about what’s happened.
After a last-minute reversal, the CPRA is fully enforceable as of July...more
With so much of our society’s data flowing through digital platforms, keeping it safe is increasingly crucial. If your business has access to any personal information (PI)—a person's full name, phone number, email address,...more
Consumers in the Garden State now have comprehensive data privacy protections. But what does that mean for New Jerseyans?
With Gov. Phil Murphy signing Senate Bill 332 (S332/A1971), businesses and entities such as...more
Running a business is complex, and there is no end to the number of different domains that you’ll need to be familiar with if you want to be successful. Data privacy professionals might not need to ask what data privacy...more
Data privacy has never been more top of mind. From regulators to businesses, privacy professionals to consumers, and more, everyone has a stake in data privacy.
With all this attention and focus, the data privacy world...more
Dark patterns, also known as deceptive design or deceptive patterns, are essentially tricks. Websites and apps use dark patterns to manipulate users into making decisions they wouldn’t have otherwise made—like subscribing to...more