CPRA: New Definition of Consent

“Consent” is defined as any freely given, specific, informed and unambiguous indication of the consumer’s wishes he or she, or his or her legal guardian, by a person who has power of attorney or is acting as a conservator for the consumer, such as by a statement or by a clear af...

Can Consent Fall Short in GDPR?

Over the past several months, I have been taking a deeper dive into GDPR. I have found Article 6 on the legal basis for processing data particularly interesting. There is some discussion to be had for each company and how they will process data in a particular case, but I often hear that consent ...

Police, Body Cameras, Privacy, and Policy

In the recent past a local police officer was involved in a shooting resulting in a citizen’s death. Soon after, the cry of “if only there was a body camera we would know what happened” was heard. I agree. However any police department needs to put policies in place to protect c...

Tom Brady, Joe Namath, and Privacy

Like many Americans I grew up idolizing football players, quarterbacks in particular. Joe Namath and Tom Brady are among those I have enjoyed watching play. Who would of thought that these two men who played in different eras would provide examples for a privacy discussion for business.

Radio Shack’s Privacy Notice Oversight

Growing up I spent a good amount of time at Radio Shack. I liked to “play” with electronics just to understand how things worked. It always bothered me that they asked for my zip code for every transaction, but they still got my money. That may be in part why I became a privacy profes...

Business and wearable technology

Over the past few weeks I have been wearing my Google Glass in public. The experiences have been invaluable to my understanding of the privacy implications of wearable technology. Lately I have been giving some thought to the business policy challenges the technology presents.

A Privacy Pro and Wearable Technology

Privacy professionals, including myself, have been warning of the dangers to privacy from wearable technology. The concerns I have been expressing have been based on reported product capabilities, anecdotal evidence, and published reports. So when I had the opportunity to join the Google Glass Ex...

Assess risk prior to collecting personal information

My saga of finding new doctors continued over the last few weeks. With each visit I continue to gain insight into privacy risks unknowingly being taken by small businesses. My experience tells me larger business make similar mistakes. This time the doctor collected unneeded personal information f...

Privacy and the Cloud

Cloud computing provides an opportunity for businesses to lower costs and increase their computing infrastructure’s flexibility. When utilizing a cloud service provider for additional storage, computing power, or a full application you should look into the privacy implications as these are ...

Valuable functionality can cause a privacy breach

Last Friday it was revealed that reporters from Bloomberg News could retrieve information from the profiles of subscribers to Bloomberg’s data terminals as well as the subscribers’ system usage (NYT article here). While I agree with the characterization of this incident as a “mi...
Training for everyone on your team