Blogs
Assessing Privacy Processes
I wrote previously about how privacy doesn’t really care about AI in particular, but that the use of personal information overall is the concern. However,
New State Laws, New Spin on Requirements
Among the four newly passed comprehensive privacy laws signed in April and May–Kentucky, Maryland, Minnesota, and Nebraska—there are new takes on some common requirements from
Selling Privacy to Executives
Every organization regularly has to consider budgets. It’s simply a fact of life that companies must determine how best to allocate resources. Privacy professionals know
CCPA enforcement action takeaways
California AG CCPA enforcement trends and takeaways The California Attorney General has enacted two major California Consumer Privacy Act (CCPA) enforcement actions so far, respectively
Conformity Assessments
The EU AI Act has been agreed upon by the Parliament, Commission, and Council of the European Union and will bring with it obligations for
Universal Opt-Out Mechanisms FAQ
As more US states pass comprehensive privacy laws with technological advances in mind, a recent trend emerging is a requirement that controllers’ websites comply with
Some old, some new requirements in NH and NJ laws
Two new US state laws have been approved for New Jersey and New Hampshire already this year. As part of our commitment to keeping up
Privacy and the SMBs
With the introduction of new privacy laws, I frequently am asked “what do I need to do?” by business owners. Recently, the question is coming
AI Criteria: Access
During a webinar in May of 2023, I stated that the main problem with artificial intelligence isn’t AI itself, but the people who use it.
AI Criteria: Review
The most important piece of any privacy program handling or investigating the use of artificial intelligence is the review process. There are three areas to
Balancing user convenience and consent in system updates
Over Thanksgiving, a Facebook post from a local community police department caught my attention, warning about an automatic feature called NameDrop in the Apple iOS17
AI criteria: Notice and Choice
Providing a privacy notice to individuals about how their data is collected and processed is not a foreign concept to privacy professionals. We need to
AI criteria: Non-invasiveness
Privacy is often considering whether or not a use of information is appropriate. What is or isn’t appropriate is based on regulations and rules, but
Is the use of the Meta pixel a VPPA violation?
An increasing number of class action lawsuits are being raised alleging violations of the Video Privacy Protection Act, or VPPA, sharing a common thread which
Privacy Training Is (Still) Vitally Important
Several years ago, I wrote a pamphlet for the International Association of Privacy Professionals titled Six Ways Privacy Awareness Training Will Transform Your Staff . The