(May 26, 2015) Winning approval for both binding corporate rules (BCRs) and cross-border privacy rules (CBPRs) takes a significant number of man hours to achieve. But to demonstrate compliance, many of the administrative hurdles are the same. That’s why, as companies increasingly turn to BCRs and CBPRs as data transfer mechanisms, an EU/APEC working group has approved a plan for increased interoperability by making it easier for companies to comply with both BCRs and CBPRs all at once. Read More

The Privacy Advisor

People on the Move

(May 26, 2015) People on the Move—May   Ray Pathak Ray Pathak, CIPP/C and CIPT, joins Nymity as Privacy Office Solutions Advisor. A Ryseron University graduate, he is credited with implementing privacy programs and fostering new security initiatives, first at financial technologies firm D + H, then followed by his tenure at Target Canada. In Pathak’s new role, he will work to connect Nymity customers with the corporation’s most pertinent resources. Read More

Privacy Products You May Want To Know About

(May 26, 2015) Privacy Checker from F-Secure F-Secure unveiled a complimentary service, dubbed Privacy Checker, which allows users to identify data that trackers use for potential mal-intent. Upon diagnosing potential “footprints,” the tool provides access to its VPN “Freedome,” allowing concerned customers to cover said tracks, should they wish.    HIPPA Audit Preparation Training Suite from 3Lions Publishing, Inc. 3Lions Publishing, Inc., released HIPAA Audit Preparation Training Suite, a progra... Read More

The Privacy Advisor

Privacy Innovation Awards—Where Are They Now? Part One: Vodafone

(May 26, 2015) The call for nominees is now open for the HP-IAPP Privacy Innovation Awards, which recognize unique global privacy and data protection programs and services in both the private and public sectors, which got us thinking about our past winners. The Privacy Advisor will be profiling some of our past winners, starting with the 2012 Innovation Award-Winning Project, Vodafone Privacy Programme. Read More

The Privacy Advisor

Australian Privacy Management Framework Launched

(May 26, 2015) On May 4, the Office of the Australian Information Commissioner released its previously announced Privacy Management Framework. The framework is intended to assist private and public sector organisations in meeting their Australian privacy compliance obligations. It follows previously released accountability/ privacy governance guides issued by the respective Canadian, Hong Kong and French privacy regulators. Read More

The Privacy Advisor

CJEU Case To Determine Who Can Regulate Whom

(May 26, 2015) Each EU member state is required to have its own, independent data protection authority, but determining the precise jurisdiction of those authorities has become an issue of some significance in the past year. That's exemplified in a Court of Justice of the European Union case that's worth watching: Weltimmo, reports Denis Kelleher. Read More

The Privacy Advisor

$19 Million Breach Settlement Terminated

(May 26, 2015) A $19 million settlement between Target and MasterCard has been terminated, Reuters reports. The deal was originally announced in April and would have provided compensation to banks and credit unions that sued over Target’s breach, but the settlement fell through because not enough banks accepted the deal. In their suit, lawyers argued that the deal with MasterCard “was an attempt to undercut their claims for damages,” the report states. Plaintiffs’ lawyers said, “We are pleased that financial institutions have resoundingly rejected Target and MasterCard’s attempt to avoid fully reimbursing the losses suffered during one of the largest data breaches in U.S. history.” Read More

Daily Dashboard

Roundup: Germany, South Africa, Belgium, U.S. and More

(May 26, 2015) The latest proposed draft of Germany’s data retention legislation includes a provision for keeping the data in Germany, which some say may not sit well with U.S. tech firms. Meanwhile, Belgium has written a lengthy recommendation stating why it should be regulating Facebook, and EU ambassadors have agreed to a proposal that would create three levels of fines for violations of the data protection overhaul. Also in this week’s Privacy Tracker weekly legislative roundup, South Africa is taking steps to appoint an information regulator and newly proposed drone regulations may conflict with business uses, and you can read about updates on the 21st Century Cures bill, PCLOB and the USA PATRIOT Act as well as state actions in the U.S. (IAPP member login required.) Read More

Daily Dashboard