How Privacy Ref is getting GDPR Ready

The General Data Privacy Regulations, GDPR, are less than a year away.  Businesses around the world actively participating in the markets of the European Union are scrambling to comply with the new law.  We at Privacy Ref have been looking at how to best assess an organization’s readiness for com...

Accountability

You may be interested in how Wells Fargo has been handling the fallout from their recent scandal.  The summary of the incident is that sales personnel at Wells Fargo were so pressured to meet numbers that they created fake accounts using real consumer information. The practice was rampant at the ...

Planning for Summit 2017

With the IAPP Privacy Summit less than a month away, it is time to start planning what you will be doing there.  If you are going to the Summit this year, there are a large number of sessions, speakers, and exhibitors for you to check out and learn from.  This stands alone from the thousands [&he...

It’s just a leak

In recent weeks, leaks have been at the forefront of news.  This is mostly in a political spectrum, but it illustrates the importance of managing how information flows through an organization.  There have been examples other than those coming from the White House though. Being non-political in na...

Your Privacy Resolution

A new year usually means setting a goal to remodel that extra bedroom, cut out caffeine, or finally hit the gym for 30 minutes a day.  This year you have an even greater goal in mind, the improvement of your privacy program.  Here are some great ways to start you on your way to achieving […]

Happy Data Privacy Day

(Note, this post first appeared in the Operational Privacy blog on CIO.com) Data Privacy Day (DPD), held every January 28 and coordinated by the National Cyber Security Alliance (NCSA), is an international effort highlighting “Respecting Privacy, Safeguarding Data and Enabling Trust.” DPD p...

Quick Thoughts on IoT

Recently I saw an interesting image on twitter from @darrencauthon.  The image was a television with an alleged FBI notice notifying the individual that their new smart TV had “suspicious files” and that they were being penalized $500 before they could use their TV again.  All of this is accompan...

Thoughts on Passwords and Privacy

Within 24 hours, I have had some interesting interactions with strong, or sometimes not-so-strong, passwords.  I figured now was a good time to go over some of the pitfalls you might encounter when trying to implement a new password policy for your customers or employees.

Facebook knows a lot

A few weeks ago, I was auditing a CIPP/US class that Bob Siegel was teaching on behalf of the IAPP.  Someone brought up the idea of openness and allowing individuals access to the data you have about them.  At this point, Bob discussed the principles behind this, such as how the OECD Guidelines a...

Social Engineering is a Massive Problem

Recently, a large number of YouTubers and other celebrities have been “hacked” or lost control of their accounts.  The truth of the matter is that they aren’t being hacked, but instead the person taking control of these accounts is just having others do it for them.  The people and groups helping...