“The times they are a-changin’,” Bob Dylan sang almost 60 years ago. And when it comes to consumers’ reasonable expectations of privacy, they are still a-changin.
I recently participated in
Continue Reading US Privacy Laws and Legislation: What You Need to Know
For deidentification under the traditional laws like HIPAA, removal of identifiers qualifies.
That was a key facet of what I discussed last week on an anonymization panel during the IAPP
Continue Reading Deidentification vs Anonymization: What Is Enough?
If you are using dashcams to monitor employees and customers, you need to be careful.
A recent finding from the Office of the Privacy Commissioner of Canada offers good guidance
Continue Reading Are You Using Dashcams to Monitor Employees and Customers? Be Careful.
The Health Insurance Portability and Accountability Act of 1996 may be the most well-known privacy law in the United States, but it is also one of the most misunderstood.
Many
Continue Reading HIPAA Covers a Lot Less Than People Think. But Beware of Other US Privacy Laws.
If you are filing a data access request and it is clear that the intention is something other than finding out whether the processing of the data was lawful, the
Continue Reading Beware the Motive Behind a Data Access Request
What do obscenity and data minimization have in common?
As Justice Potter Stewart famously wrote in his concurring opinion to the U.S. Supreme Court’s decision in the 1964 free speech
Continue Reading What’s Data Minimization? As the Saying Goes, You’ll ‘Know It When (You) See It’
What can we learn about disclosures and how to draft privacy notices from the Sweden IMY decision? And why is it important for both GDPR companies and CPRA, CDPA, CPA
Continue Reading Clear & Concise and Everything Nice: What the IMY Decision Means for Your Privacy Notice
The United Kingdom’s Information Commissioner’s Office has issued draft guidance regarding governance and anonymization.
What does it mean for GDPR and for the host of new US Privacy laws, including
Continue Reading Anonymization Governance: Why It’s Important for GDPR and for CPRA
Many EU companies have their own ideas on what US Privacy laws mean for the, Here are three of the more common myths out there, busted.
I don’t
Continue Reading Busted: Three Myths EU Companies Have About US Privacy laws
U.S. Congresswomen Anna Eshoo (D-California) and Zoe Lofgren (D-California) have reintroduced House Resolution 6027 for the Online Privacy Act of 2021.
Some of the bill’s key differentiators from CCPA, CDPA
Continue Reading What is the Online Privacy Act of 2021?