Privacy Protections for Broadband ISP Consumers Uncertain

March 24, 2017

Last fall Chairman Wheeler put together a proposal that would help provide universal privacy protection principles to individuals’ personal information collected by broadband Internet Service Providers (ISPs), namely: choice, transparency, and security. Approved by the U.S. Federal Communications Commission, the rules  would implement the privacy requirements of Section 222 of the Communications Act for broadband ISPs. The rules separate the use and sharing of information into three categories and include clear guidance for both ISPs and customers about the transparency, choice and security requirements for customers’ personal information: Opt-in:  ISPs are required to obtain affirmative “opt-in” consent from consumers to … Continue reading Privacy Protections for Broadband ISP Consumers Uncertain

Privacy Shield Grace Period is Ending, Are you Ready?

March 20, 2017

Soon companies that self-certified with the Department of Commerce (DOC) last fall before the September 30, 2016 deadline will have the 9 month “grace period” come to a close. The grace period was given to these companies so that they could ensure that all of their third party vendors met the Accountability for Onward Transfer principle. The grace period ends soon, meaning that the deadline is fast approaching. The Privacy Shield  Accountability for Onward Transfer principle, Section II, 3.b., states: To transfer personal data to a third party acting as an agent, organizations must: (i) transfer such data only for limited and specified … Continue reading Privacy Shield Grace Period is Ending, Are you Ready?

5 Benefits of APEC CBPR Certification You Should Know About

March 13, 2017

1) Jurisdiction-Specific Transfer Benefits: In Japan, companies that have a CBPR certification do not have to obtain consent to transfer data to another country, which is otherwise required under Japanese law. 2) Facilitation of APEC-European Interoperability: An APEC CBPR certification may make it easier for an organization to obtain approval of their Binding Corporate Rules in the European Union. Since 2013, APEC member Economies and EU officials have been collaborating to promote interoperability between the two regional transfer mechanisms. 3) Alignment with Global Frameworks: An APEC CBPR certification is based on many of the same principles that inform the OECD … Continue reading 5 Benefits of APEC CBPR Certification You Should Know About

March Event Spotlight: RampUp, IAPP Europe Data Protection & Privacy Program Management Webinar

March 06, 2017

RampUp 2017 March 7 San Francisco, CA The annual RampUp summit is a hub of excitement and idea-sharing that gathers major players in digital marketing together in one place. The goal? To discuss the challenges and solutions facing the industry today. Network with your peers and industry leaders while you soak up what’s important to know for the future of MarTech. Don’t miss TRUSTe SVP of Marketing Dave Deasy speak on the “Consumer Engagement in an Age of Skepticism” panel at 3:35pm alongside Lou Mastria, DAA; Shannon Orr, Gap Inc.; Michael A. Signorelli, Venable LLP and Julie Bernard, Verve. > … Continue reading March Event Spotlight: RampUp, IAPP Europe Data Protection & Privacy Program Management Webinar

3 Ways to Leverage Your Privacy Shield Certification

March 02, 2017

Last week TRUSTe held a webinar “Privacy Shield Self-Certification – What’s Next?” as part of its Privacy Insight Series. If you missed the webinar you can still sign up to receive the on-demand recording and the slides. Our speakers, David Fowler, Chief Privacy & Digital Compliance Officer, Act-On Software; Amanda Gratchner, Global Privacy Counsel, NAVEX Global; and K Royal, Senior Privacy Consultant at TRUSTe discussed several different ways to enhance everything from your policies to your Privacy Impact Assessments by leveraging your Privacy Shield Certification. They also discussed how to use the Certification toward compliance with other frameworks, such as the … Continue reading 3 Ways to Leverage Your Privacy Shield Certification

Play Store Requires Privacy Policies

February 28, 2017

Google recently informed some developers with apps on its storefront that it will be penalizing apps on its Google Play Store that do not have privacy policies adhering to its User Data Policy. According to Next Web, Google emailed a notice to developers stating that violations of the User Data Policy would result in their apps’ visibility being limited or removed altogether. The User Policy states: You must be transparent in how you handle user data (e.g., information provided by a user, collected about a user, and collected about a user’s use of the app or device), including by disclosing … Continue reading Play Store Requires Privacy Policies