May
01
2015

May Spotlight Events — European Data Protection Days, Internet Week New York & More!

PrivacyInsight

PrivacyInsight

 

  • May 4-5

European Data Protection Days 

Berlin

Data protection experts from around the world will present on topics ranging from EU Safe Harbor to the Right to be Forgotten to drones. With an impressive number of distinguished speakers, this event is sure to be very informative!

Register here.

 

  • May 5

Automating Data Privacy Management Roundtable

Berlin

Part of the Privacy Insight Series, this roundtable brings together privacy professional to discuss the value of automating data privacy assessments. According to new research, the average company conducts 59 Privacy Impact Assessments (PIAs) per year taking 285 hours per assessment. Join us to see how your company’s privacy management stacks up, and gain insight into how other companies manage privacy.

Request an invite by clicking the link at the bottom of this page.

Read the rest of this entry »

Apr
30
2015

End-of-Month Recap: What You Might Have Missed

Privacy

At the end of each month we’ll compile a list featuring some of the most informative and interesting privacy blog posts to let you know what topics are driving the privacy agenda this month.

Privacy

April was a busy month for privacy professionals and at TRUSTe. There was the widely attended RSA Conference in San Francisco, the IAPP Europe Data Protection Intensive in London and Digital Media Europe 2015 also in London, not to mention TRUSTe’s own Privacy Insight Series events. This month we hosted a roundtable event in London to discuss Privacy Assessment Best Practices. At TRUSTe we opened registration for this year’s IoT Privacy Summit taking place in June, as well as announced our new device fingerprinting detection offering (you’ll find the link to the blog post about it below). Keep reading for April’s privacy highlights!

Read the rest of this entry »

Apr
29
2015

Meet TRUSTe: Erwin Asignar, Senior Privacy Solutions Manager

erwin_blog

Our latest series will introduce you to a new TRUSTe employee every week to give you an inside look at the talented, knowledgeable and friendly people who work at TRUSTe.  

erwin_blog

 

Name: Erwin Asignar

Job Title: Senior Privacy Solutions Manager

How long have you worked at TRUSTe? Going on 3 years now. I will be celebrating my third year anniversary on May 10, 2015.

Tell us about your role at TRUSTe. In my current role as a Senior Privacy Solutions Manager in our Cebu office in the Philippines, I work with new clients who are completing their TRUSTe certifications as well as existing clients who are completing renewal certifications for their websites, mobile applications and/or cloud platforms. My job includes speaking with clients and having them show me how personal information is collected through their website, and reviewing and making recommendations to ensure their privacy practices meet TRUSTe certification standards. I make sure that I build a strong relationship with each client to add value to the services that we are offering. Aside from doing client certification assessments, I also conduct certification trainings for newly hired Privacy Solutions Representatives and Privacy Solutions Managers.

Read the rest of this entry »

Apr
28
2015

Why Privacy Matters

Security concept: Privacy on digital background

By Ralph O’Brien, Senior Consultant, Compliance Solutions at TRUSTe

The other night I got into a discussion with a friend about personal privacy. He said: “Most people would find me very boring, why should I care if they look at my stuff online?” Or otherwise put — If you’ve got nothing to hide, why should privacy concern you? Apart from the temptation to ask for all of his Internet account passwords and history so I could publish them online (my usual response), it inspired me to write this blog post to address the fundamental question — why is privacy important?

I should start by saying I love the modern era and all that technology does for us. I use a mobile phone, I bank online, I have an online presence, I use cloud technologies to store data, and I collaborate with colleagues across the globe in ways not possible just a few years ago. But it also has given me a keen awareness of the risks. I understand that when I get something for free, there is a price to pay, and part of that price is handing over my personal information. What we should all be asking ourselves is, “Is the trade of my personal information worth it?”

Read the rest of this entry »

Apr
27
2015

Privacy & Security MeetUp Event Tomorrow at TRUSTe Headquarters

AprilMeetUp1

Join the Privacy Innovation & Technology MeetUp tomorrow, April 28, for an evening of drinks and discussion. The topic of this meet-up is, “Privacy and Security by Design: Baking It In.” The event beings at 6 p.m. and will take place at the TRUSTe headquarters, located at 835 Market Street, Suite 800, San Francisco.

The evening’s presentation will be given by Sharon Anolik, President of Privacy Panacea, a boutique firm providing strategic data protection, data enablement and privacy communication solutions. Sharon will provide insights and expert advice about the evening’s topic. She is also speaking on a healthcare panel at our upcoming IoT Privacy Summit in June.

The evening ends at 8 p.m.

Please RSVP through Meetup.com.

Apr
23
2015

California Leads The Way On Children’s Privacy Protection Laws

CaliforniaSacramento

By Andrew McDevitt, Senior Privacy Consultant at TRUSTe

 

California has always been known as a trailblazer state within the entertainment and technology sectors. This has significantly influenced our society, both at the national and global levels. The golden state is no different when it comes to public policy trends. California has historically served as a national bellwether on a variety of political issues and matters pertaining to data privacy are no different.

During the 2013 and 2014 legislative cycles state lawmakers enacted legislation to provide more robust data privacy protections for California’s children.

 

Student Online Personal Information Protection Act (SOPIPA)

One of these laws is Senate Bill 1117, also known as the Student Online Personal Information Protection Act (SOPIPA). Effective as of Jan. 1, 2016, SOPIPA would preclude online service companies that focus on the K-12 educational offerings to engage in targeted advertising to minor students and their parents or legal guardians and to collect information about these students to establish individual profiles about them. SOPIPA also bans the sale of a student’s information and requires the K-12 online service organizations to implement and maintain reasonable security to protect the data they do collect. In addition, these service entities must delete student data upon the request of a K-12 school or district that has had its students use a company’s online educational services.

 

Privacy Rights for California Minors in the Digital World

The other significant child privacy legislation passed in 2013 was Senate Bill 568 titled, Privacy Rights for California Minors in the Digital World. Effective as of Jan. 1, 2015, this law prohibits online service companies from marketing a variety of products and services to minors when such products and services can only be purchased by a person 18 years of age or older. The law also prohibits the collection of personal data of minors that would be shared with third parties for the purpose of advertising or marketing these same types of products and services. The most noteworthy aspect of S.B. 568 is the “right to be forgotten” clause in the context of minors. Essentially, this means that a California resident who is under 18 years of age now has the ability to have the online content that is collected and stored about them by an online service company to be permanently deleted. In fact, the website owner must actually disclose to minors that they indeed have this right and they must be educated about the actual process to make such a request when desired.

Some of the key drivers for the passage of these two significant child privacy protection laws are that the public now has a heightened awareness and concern about data privacy matters. At the same time, K-12 public schools are increasingly looking for free or low-cost online technology services to successfully educate students during extreme budgetary shortfalls at the state and school district levels. In addition, the current trajectory of negative online activities and behaviors of some California minors were potentially leading toward long-term ramifications if students were not provided the opportunity to delete their online mistakes. According to a recent study about parents’ concerns regarding their pre-teens’ Internet usage, 43% of parents think their child will share personal information online that they will later regret.

What this means for online service organizations is that they will need to clearly establish a mechanism to identify minors who are using their site if they are not doing so already. These websites will also need to establish effective legal and technological mechanisms, as well as policies and programs to ensure that they are fully compliant with these new child privacy protection laws. This includes providing minors an easy method to exercise their new “right to be forgotten” rights. Online tracking partners and technologies will also need to be fine-tuned to ensure that California’s minors are not included in online advertising programs in the K-12 context or being served advertisements that are not deemed age appropriate by the state. This will also be a perfect opportunity for these organizations to evaluate their current data security programs and address any new gaps or vulnerabilities found.

 

Apr
20
2015

Visit TRUSTe at the RSA Conference in San Francisco This Week!

RSAConference2015

The RSA Conference 2015 is taking place this week in San Francisco at the Moscone Center. We’ll be demoing TRUSTe’s Assessment Manager, our automated privacy solution, starting Tuesday and going through Thursday evening. Stop by the TRUSTe booth located in the North Hall, booth #N3022. We’ll be handing out some fun swag and gift cards for visitors interested in taking a survey or watching a demo.

RSA is a security conference and, yes, security and privacy are different but the two are both essential areas for companies to understand and implement smart practices in order to mitigate risk.

The RSA Conference is one of the largest security events in the US. The event draws in nearly 30,000 attendees each year.

We perused the list of other privacy-related events taking place at RSA and compiled this must-see list:

We hope to see you there!

 

 

Apr
20
2015

How the Privacy Landscape is Creating In-Demand Jobs

Image converted using ifftoany

By KimAnh Tran, Associate Legal Counsel, CIPP/US, Contributor

High profile breaches seem to arise almost weekly across all industries and verticals, making privacy and security top-of-mind for organizations large and small. Fear has proven to be a strong motivator for many organizations, as an expensive remediation process, a regulatory audit and a public relations disaster looms with any breach. Predictably, companies are reacting by trying to clean up their own privacy practices company-wide. This objective, though admirable, is not easily accomplished, and typically requires the skills of experienced privacy professionals.

Privacy management as an industry is still relatively young and consequently, privacy veterans are few and far between. However, more and more job descriptions express a need for seasoned privacy professionals with experience in tracking and understanding privacy regulations and best practices, and applying such knowledge in a variety of different roles and functions.

Though official titles may vary, there are several roles and functions that seem to be in-demand in the privacy space. The qualifications for each may differ depending on company size, the company’s industry and need for privacy support. However, a CIPP certification through the International Association of Privacy Professional may indicate a certain level of credibility and dedication to privacy in the eyes of a hiring manager.

Read the rest of this entry »

Older posts «

» Newer posts