Privacy Compliance

In the video, Bob Siegel gives advice on developing an internal privacy compliance program and what that entails. Bob also answers how to accomplish that without draining your own labor resources, using different services and tools.

Privacy Program Mission Statements

In this video, Bob Siegel explains what a privacy program mission statement is, what it typically contains, and why it is important to your organization to have a clearly defined statement.

Protect Your Privacy Spring Cleaning

I’ll be honest, my blog idea was generated from an article about spring cleaning.  Let’s face it, lots of things could benefit from spring cleaning:  homes, cars, desk drawers… How about your inbox?  Maybe the ever-growing number of presentation drafts in your documents folder?  How about the fla...

What you don’t know may (pleasantly) surprise you

Today I find myself in Louisville, KY performing a privacy assessment for a client. When visiting clients to perform an assessment, I meet with team members from all parts of the organization. Usually, I am accompanied by someone from the privacy office or legal team. Frequently, my escorts learn...

Protecting kids online – are we doing our best?

I’m trying to work through some thoughts about how companies repeatedly take advantage of consumers’ privacy in the US.  The latest being TikTok, a video sharing app acquired from musical.ly, which has agreed to pay $5.7 million to settle allegations that it collected personal information fr...

In da House (of Representatives)

Recently, the US Congress met to discuss privacy protections from the perspective of a federal regulation. One of the most discussed topics was GDPR and whether it works or not. A lot was said, and I was pretty disappointed with the overall lack of nuance with regards to understanding what privac...

CNIL’s Google Fine of 50 million Euros

The announcement from CNIL about their decision to fine Google provide a valuable insight into the thinking of Supervisory Authorities when it comes to transparency (notice) and consent. Google’s vulnerability to fine is attributed to the complexity of their privacy notice and terms of service. T...

In praise of a privacy compliance program

Lack of compliance reviews exposes your organization to legal and reputation risk. Putting a compliance program in place with a combination of audits, assessments, and attestations will help reduce this exposure.

Political Campaigns Need Privacy Policies and Training

When I made the transition from working in American Politics to learning about Privacy, the first tidbit of information I was given was that there was a difference in terminology between the American  and the European practice. In America, we use the term Privacy but in Europe they use the term D...