Recently, the US Congress met to discuss privacy protections from the perspective of a federal regulation. One of the most discussed topics was GDPR and whether it works or not. A lot was said, and I was pretty disappointed with the overall lack of nuance with regards to understanding what privac...

The announcement from CNIL about their decision to fine Google provide a valuable insight into the thinking of Supervisory Authorities when it comes to transparency (notice) and consent. Google’s vulnerability to fine is attributed to the complexity of their privacy notice and terms of service. T...

I was recently traveling, and I downloaded the airlines’ app to use on the road.  It did prove to be initially beneficial when checking in and selecting my seat.  However, I’d like to suggest that the app prompts to opt-in to push notifications, instead of leaving it as a toggle within the app.  ...

Lack of compliance reviews exposes your organization to legal and reputation risk. Putting a compliance program in place with a combination of audits, assessments, and attestations will help reduce this exposure.

One of the questions I receive, mostly from my wife’s family and students considering their future careers, is how I got into privacy. It’s an interesting topic for me. I am a huge nerd, this is no secret, and my passion for games has played a huge part in my growth as a privacy pro.

2018 was a very eventful and active year for privacy professionals. As we come to the end, I have been discussing what plans are being put in place for 2019 with our clients. If their plans are any indication, 2019 will have privacy professionals busier than ever.

A few weeks ago, I made it to Austin, TX for the Privacy Security and Risk Conference being held by the IAPP. As always, it was a great conference with pros and those who have only just begun as privacy professionals. One of the most interesting aspects of the conference was the focus on the [&he...

With the IAPP’s PSR 2018 conference just around the corner (see you all in Austin, TX), I have started thinking more about the conference. Originally, I attended the IAPP Academy, prior to becoming PSR, and it was very focused on learning for newer privacy pros. A lot of great conversations are h...

I recently read an article published on the Society for Human Resource Management’s website on the prevalence of biometrics in the employment context. Specifically, the author referenced a Spiceworks’ survey of IT professionals from February 2018 that provided, in my mind, surprising results.