The International Association of Privacy Professionals

The world’s largest information privacy community. Read on or Learn More

Monitoring Your Privacy Program: Part Three

(Mar 24, 2015) In the third installment of this series looking at monitoring programs across industries, including healthcare, IT, finance, government and telecom, Deidre Rodriguez, CIPP/US, talks with JC Cannon, CIPP/US, CIPT, about monitoring a privacy program in the IT industry. “Having comprehensive rules, training and procedures in place are not as important during an audit as being able to prove that they are working,” Cannon says. Read More

The FCC’s Net Neutrality Order Part 1: What It Says and How We Got Here

(Mar 31, 2015) The Federal Communications Commission's (FCC’s) recent "Net Neutrality Order" is intended to shape the regulatory framework for broadband Internet access services for years to come. By now you are likely aware of the most important aspects of the order: Both wireline and wireless broadband Internet access providers are reclassified as common carriers under Title II of the Communications Act; The FCC adopted three specific “Open Internet” rules: No blocking, no throttling and no paid prioriti... Read More

FCC Hosting Workshop on New Rules

(Mar 31, 2015) The Federal Communications Commission (FCC) is poised to craft new rules that could limit broadband providers’ ability to share information about users’ web activity with advertisers, MediaPost reports. The FCC’s Wireline Competition and Consumer & Governmental Affairs Bureaus will convene a workshop on the privacy rights of broadband users on April 28 in Washington, DC. The FCC said the 2015 Open Internet Order applies Section 222 of the Communications Act to broadband carriers, and has not... Read More

How To Win the Battle of Data and Goliath

(Mar 31, 2015) Harvard Berkman Fellow and Co3 CTO Bruce Schneier believes we now live in a mass surveillance society of our own making, as we've traded the data that allows us to be constantly tracked in exchange for convenience and services. But, he argues, we don't have to. In his new book, Data and Goliath, he offers suggestions for reforming surveillance-based business models and the systems of government surveillance and offers consumers ways to step outside surveillance culture. In this video of a recent... Read More

IAPP Canada Privacy Symposium 2015

The premier event in Canadian privacy will return to Toronto, but don’t expect the same old same old—think even bigger and better than the last. Canadian privacy pros, this is your must-attend event of the year. Read More

One Cryptographer’s Solution to the Anonymity Paradox

(Mar 30, 2015) How many cryptographers do you know were influenced by their grandmothers? It all started 20 years ago in a picturesque Swiss village where I was supporting a citizen initiative related to animal rights. In Switzerland, as in other democratic societies, initiatives can reach the highest levels of government by collecting signatures. I started with my closest relatives. Showing a keen sense of awareness before signing the form, my grandmother asked me if anyone else would have access to the sig... Read More

Data Security and Breach Notification Legislation Gaining Traction in Congress

(Mar 30, 2015) The Hogan Lovells Privacy Team writes for Privacy Tracker about the Data Security and Breach Notification Act of 2015 (DSBN), which recently passed the House Energy and Commerce Subcommittee on Commerce, Manufacturing and Trade. “The DSBN is intended to create a single national security and breach notification standard for most private-sector organizations that handle personal information in electronic form,” the authors write, providing an analysis of five key provisions that are “likely to be at issue as the legislation moves forward.” Read More

IAPP Asia Privacy Forum 2015

Don’t miss out on the only conference that brings globally recognized IAPP programming to Asia. If you’re looking for exclusive networking and intensive education on data protection trends and challenges in Asia, the Forum is for you. Register now to save your seat. Read More

Global News Roundup—March 23-30, 2015

(Mar 30, 2015) After months of contentious debate, Australia has passed its data retention law. Meanwhile, the Dutch justice minister to the Parliament has told communications providers that nation’s retention law no longer applies to them. Also in this week’s Privacy Tracker roundup, read about movement on U.S. bills including the Driver Privacy Act, Arkansas’ Personal Rights Protection Act, California’s CalECPA and Maine’s drone privacy bills. Also read about a surprising move by Virginia’s governor to change a legislature-approved license-plate reader bill and New Mexico’s failure to pass a breach notification bill. Read More

Court Rules Safari Users Can Sue Google

(Mar 27, 2015) In what some are calling a landmark decision, the UK Court of Appeals has ruled that a group of claimants have the right to sue Google for bypassing the privacy settings on the Safari browser to install cookies to track clicks online, BBC News reports. Google said it is “disappointed with the court’s decision,” while one of the claimants described it as a “David and Goliath victory.” In its judgement, the UK court said, “These claims raise serious issues which merit a trial.” According to the re... Read More

Monitoring Third-Party Vendors Means Managing Your Own Risk: Chapter Seven

(Mar 24, 2015) In chapter seven of this ongoing series, K Royal, CIPP/E, CIPP/US discusses the stage in the third-party vendor process in which the chosen vendor has been contracted and the spend has been made. That’s not where diligence ends, however. Now it’s time to make some management decisions, like the timing and frequency, scope and level of monitoring, and who’ll be responsible for that. Read More

Videre's Oren Yakobovich on Empowering People With Surveillance

Videre founder Oren Yakobovich is a former Israeli soldier who decided, upon service, that he was more interested in "breaking the traditional power structures between citizens and government" by empowering oppressed people through the use of video documentation. By quite literally watching the watchers, civil rights abuses have been documented and change has been enacted. He used his keynote address at the IAPP Global Privacy Summit to talk about his efforts and explore the ways in which surveillance can be a force for good. 

A Privacy Engineer’s Analysis of Bitcoin

(Mar 26, 2015) If you’re not familiar with Bitcoin, then you should probably at least review this quick video intro before proceeding. Simply put, Bitcoin is a peer-to-peer protocol that allows for the maintenance of a transaction ledger using a consensus algorithm designed to ensure ledger integrity. Too much of a mouthful? How about Bitcoin is an Internet-based currency with cash-like qualities? At least that is how it was introduced when it was launched into the world in 2009 by its pseudonymous creator.... Read More

The FCC's New Rule Means Changes ... But For Whom?

(Mar 24, 2015) This week, Alamo Broadband and USTelecom each sued to block the Federal Communications Commission from enforcing its February order reclassifying broadband providers as “common carriers," or a public utility of sorts, and therefore subject to the same rules that regulate telecommunications companies. The suits exemplify a panicked stakeholder reaction to a potentially disruptive change: Some personal data Internet service providers currently use to generate revenue is now considered Consumer Pro... Read More

Commission Says It Cannot Guarantee EU Privacy in U.S. Data Transfers

(Mar 25, 2015) In a hearing on Tuesday at the European Court of Justice (ECJ), counsel for the European Commission conceded that the U.S. was under no legal obligation to comply with EU data protection standards, specifically under the EU-U.S. Safe Harbor Agreement, The Irish Times reports. European Commission Counsel Bernhard Schima said, “Under Safe Harbour as it is currently applied in the U.S., there is no guarantee that fundamental rights of EU data subjects will be respected.” The verdict on the case cou... Read More

The Future of Tech and Democracy, and How Privacy Pros Can Help

(Mar 26, 2015) Last month in San Francisco, tech leaders and CEOs met with federal regulators to do something rather unexpected: facilitate the use of new technology in the democratic process. Along the way, participants gave serious thought on how to build safeguards to ensure the protection of consumer privacy. Inspiration for the event came from conversations Federal Elections Commission (FEC) Chair Ann Ravel, in which she shared with me her fervent belief that new technology has the potential to bring mor... Read More

Benchmarking Privacy Management and Investments of the Fortune 1000

Over the summer of 2014, the IAPP embarked on the first of what will be an annual effort to research and benchmark the privacy programs of the Fortune 1000. In partnership with third-party research firm Fondulas Strategic Research, we queried roughly 275 privacy leads at Fortune 1000 companies, all of them large, private, for-profit firms operating from a base in the United States, and got a 23-percent response rate, providing us with one of the most comprehensive samples of corporate privacy le... Read More

Avepoint Privacy Impact Assessment System (APIA)

APIA can help you automate the process of evaluating, assessing and reporting on the privacy implications of your enterprise IT systems. Exclusively available through the IAPP, the APIA System allows you to select questions from the prepopulated bank of PIA questions or create your own, meaning you can build and save PIA templates to be reused and reported out. Learn More

Become a member

IAPP members get access to tons of great benefits

Learn More

News

Find out what’s making headlines today. In the rapid changes in data protection, we make it easy to stay in the know with daily news updates, expert analysis, original reporting, legislative alerts and opinion pieces from the influencers making the news.Find out more

Connect

There are lots of ways to connect with fellow members and the privacy community. From local chapter meetings to virtual networks to social media, you’ll find networking opportunities to help you get involved.Find out more

Learn

From privacy training to web conferences to books and beyond, you’ll find the resources you need to build your knowledge, power up your staff and be more effective at your job.Find out more

Certification

Looking for a way to stand out? Add an IAPP credential after your name. Whether you want to distinguish yourself from others in your field or to advance your skills, a globally recognized IAPP certification is the edge you’re looking for.Find out more

Resources

The IAPP offers all the tools and information you need to get your job done. We’ve collected templates, forms, charts and checklists to help you with everything you can think of, from privacy notices to data breach response to cybersecurity and beyond.Find out more

Conferences

There’s no better way to experience the IAPP community. Whether you’re looking for education, networking or access to privacy experts and regulators, IAPP conferences are where it’s at. We host eight premier conferences around the world each year.Find out more