Subject rights requests can be confusing for everybody involved.
Some consumers are savvy privacy advocates and expect their requests to be fulfilled to the letter. Others are just learning that they have subject rights...more
Martial artists use a colored belt system to denote their expertise. You start with a white belt, and, as you train and improve, you eventually achieve the next color and corresponding rank. Once you’ve gained a black belt,...more
“Don’t Mess with Texas.”
It’s an evocative phrase, which is probably why it survived so long past its humble origins as a 1980s campaign slogan to discourage drivers from littering on Texan highways....more
Heraclitus said that “The only constant in life is change,” but privacy professionals don’t need to turn to ancient Greek philosophy to grasp this concept. We can just use our eyes and observe our colleagues, industry,...more
Businesses in the US will be subject to a lot more scrutiny from consumers and regulators in 2025. With eight new data privacy laws going into effect over the course of the year, attorneys general will be eager to show...more
If you’re feeling out of the loop about Chrome’s personal data collection, you’re not the only one. Google had announced that it would be deprecating third-party cookies. Then it delayed the deprecation. Then they called the...more
Starting January 1, 2026, businesses operating in Rhode Island will need to comply with the Rhode Island Data Transparency and Privacy Protection Act, a mouthful of a law abbreviated as RIDTPPA. (Not exactly catchy, is it?)...more
In our recent webinar, It’s Time to Think About Data Mapping Differently, a poll revealed some interesting information: Nearly 50 percent of respondents house their data map in a spreadsheet. (Roughly 15 percent say they...more
Navigating the stringent requirements of data subject access requests (DSARs) can feel like summitting a mountain—the path forward isn’t always clear, pitfalls abound, and you’re fighting gravity all the way....more
As we wait for a federal privacy law in the U.S., the Land of 10,000 Lakes joins a growing number of states that now have their own laws. As expected, Minnesota’s data privacy law has similarities to other state privacy laws...more
Maryland recently joined the growing number of states enacting comprehensive consumer data privacy laws with the passage of the Maryland Online Data Privacy Act (MODPA).
Despite similarities with several other state...more
It’s official. Kentucky will join Indiana, New Hampshire, and a slew of other states with the enactment of a comprehensive data privacy act.
The Kentucky Consumer Data Protection Act (KCDPA)–at least this iteration of...more
The GDPR contains plenty of requirements, penalties, obligations, rights, and definitions—but it doesn’t contain a specific template for DPIAs, or data protection impact assessments.
If you’re struggling to identify...more
Whether as a consumer or as a stakeholder in a business, you’ve likely seen links reading “Do Not Sell My Personal Information” or “Do Not Sell or Share My Personal Information.”
On the surface, these links seem...more
Most people find data privacy compliance to be complicated enough. So, when they encounter the concept of data mapping—something that isn’t an explicit requirement in any data privacy law—many find themselves scratching their...more
With so much of our society’s data flowing through digital platforms, keeping it safe is increasingly crucial. If your business has access to any personal information (PI)—a person's full name, phone number, email address,...more
The General Data Protection Regulation (GDPR) has brought significant changes to how companies handle personal data—and cookies are easily one of the largest sources of personal information for businesses. Find out all about...more
Dark patterns, also known as deceptive design or deceptive patterns, are essentially tricks. Websites and apps use dark patterns to manipulate users into making decisions they wouldn’t have otherwise made—like subscribing to...more
With a patchwork of U.S. state privacy laws, there’s a lot of uncertainty about what needs to be done and when. Fortunately, you can become broadly compliant by following some basic best practices. If you tackle the steps in...more
Indiana is now part of a growing list of states that extend data protection to its residents, all thanks to the Indiana Consumer Data Protection Act (INCDPA). Just like other states, they're making sure consumers have their...more
The patchwork of U.S. states enacting consumer data privacy laws continues to expand with the Delaware Personal Data Privacy Act (DPDPA). T
he law is being touted as “the strongest data privacy bill in the nation.”...more
On May 19, 2023, Montana officially became the ninth state to approve a state-level consumer data privacy law, joining the trend of states opting not to wait for a federal privacy law to mandate the protection of its...more
Oregon has joined the ranks of states to pass a comprehensive consumer privacy act. Senate Bill 619 (SB 619), also known as the Oregon Consumer Privacy Act or OCPA, is the culmination of four years of work by the Oregon...more
GDPR compliance can be tricky.
Even if you summon the willpower to read through the law’s text, it can be tough to know where to start. As an alternative to pouring through the GDPR’s legalese, one way to establish a...more
9/7/2023
/ Cybersecurity ,
Data Breach ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Data Subjects Rights ,
EU ,
General Data Protection Regulation (GDPR) ,
Personal Data
What if your city no longer had to put up speed limit signs? The police would still know what the speed limit was on a given stretch of road, but drivers would just have to guess. If you got a ticket for speeding, you’d feel...more