Feb
17
2015

Chilean Government Moving Toward Stronger Privacy Provisions

Keyboard Illustration Compliance

The Chilean government has drafted a new data privacy bill that will create a Data Protection Authority with regulatory and sanction powers, ban international transfers to destinations that do not have “adequate” protections, and impose higher fines for privacy violations. Currently, the maximum fine is about €3,000 or $3,475, and has never been imposed.

The purpose of this new proposed law is to address enforcement gaps that have been a source of criticism of Chile’s current law (which is based on Spain’s data protection framework). Another key condition of the proposed law is that it will require companies to register databases containing personal information, which isn’t required under the country’s current data protection law. Also, under the proposed law, individuals will be allowed to request the removal of their personal information from a database if the information is being used for purposes other than for the purpose it was originally provided.

Read the rest of this entry »

Feb
16
2015

Register Now — Vendor Management Webinar This Thursday

Computer keyboard webinar

This Thursday, Feb. 19, you’re invited to the second webinar in TRUSTe’s Privacy Insight Series. The webinar will focus on Vendor Management Best Practices and will review how to identify key considerations, requirements and risks when dealing with downstream vendors. Attendees will also be given an actionable checklist for effective program management.

Vendor management is one of the top priorities for privacy professionals in 2015 and vital to a successful ongoing governance, risk and compliance program for any large organization.

“Working with third-party vendors can pose some privacy challenges that companies often struggle to manage,” says Debra Farber, Sr. Privacy Consultant and Product Manager at TRUSTe, who will be co-hosting the webinar with K Royal, Privacy Counsel at Align Technology. “In this webinar, we’ll shed light on how privacy professionals can analyze whether the vendors they work with are complying with current data privacy laws and best practices in order to mitigate any risk.”

The 2014 Vendor Risk Management Benchmark Study conducted by Shared Assessments in collaboration with global consulting firm Protiviti, examined the maturity of organizations’ current vendor risk management programs and found that vendors fail to meet risk-management guidelines and do not invest the resources to meet best practices despite the current regulatory environment.

“Data privacy is an ever-evolving subject, and it’s essential companies and their third party vendors comply with current regulations,” says K Royal, Privacy Counsel at Align Technology. “Often, the level of maturity varies broadly among vendors. Building a relationship with them and having your own processes well-developed goes a long way to establish a healthy and long-term partnership.”

The webinar takes place from 9 a.m.-10 a.m. PT. Register now to set your company off on the right foot for 2015 and streamline the vendor risk management process for your organization.

The Privacy Insight Series features in-person roundtables with industry experts, and webinars touching on of-the-moment privacy topics.

 

 

 

 

Feb
13
2015

Chicago Roundtable Recap

Chicago2

By Dave Deasy, VP Marketing at TRUSTe 

On Tuesday Feb. 10, we held our third event of the 10 events in the TRUSTe Privacy Insight Series, an informative and highly interactive roundtable bringing together over two-dozen top professionals from the privacy ecosystem. While the weather outside was cold (at least by California standards), the room was hot with a vibrant exchange of privacy best practices and advice on a wide range of topics.

TRUSTe CEO Chris Babel kicked-off the event by moderating a panel comprising of executives from Motorola, PwC and Compliance Week.  One of the more notable discussion items was the need for a cross-functional team to address privacy across the enterprise. The days when privacy was the sole domain of legal are long gone and now require teams from compliance, IT, marketing and engineering to work together. This approach helps ensure there is a true enterprise-wide understanding of privacy and processes that can be properly aligned. The session also highlighted the challenges and importance of understanding where your data is – what do you collect, how it is collected, where is the data stored, who has access to it, etc.  The rapid advances in technology, along with the increased use of third parties, has made managing the privacy aspects of data much harder.

I led a session presenting key findings from TRUSTe’s Privacy Assessment Benchmarking Study. Key highlights included estimates on the volume and time investment required to complete a Privacy Impact Assessment (PIA) — 59 per year and 285 hours per assessment respectively. I also presented insights into why PIAs take so long – the top challenges include getting participants to respond and the time required to complete the compliance gap analysis.

There was a second panel led by TRUSTe’s Kevin Trilli, featuring executives from Kellogg and Baxter International. They discussed the challenges enterprises face managing their privacy operations. This was followed by an informative demonstration of TRUSTe’s Assessment Manager product. Assessment Manager is the newest addition to the TRUSTe Data Privacy Management Platform and automates the process for conducting and managing assessments.

Our next event is a webinar discussing Vendor Management Best Practices on February 19. Register here.

Feb
11
2015

Meet TRUSTe: Helen Huang, Product Manager

helen_blog

Our latest series will introduce you to a new TRUSTe employee every week to give you an inside look at the talented, knowledgable and friendly people who work at TRUSTe.  

Name: Helen Huang

Job Title: Product Manager

How long have you worked at TRUSTe? I have worked at TRUSTe for almost 4 years now.

Tell us about your role at TRUSTe: I am the Product Manager for all TRUSTed Ads (OBA) and Cookie Consent Manager SaaS products. I work very closely with all teams at TRUSTe: Marketing, Sales, Account Management, and especially Engineering to ensure we are able to deliver quality products to our clients and the market. I am taking on more new products this year in 2015 and participating in integrating my current SaaS products into a higher-level platform. There is more exciting news to come!

What do you think are the top privacy challenges for companies? The way companies track users has evolved to become much more sophisticated. In addition, more players are involved in the tracking process. It is difficult for users to get full visibility of how companies are sharing and using their data. Companies have good intentions but technology and the complex ecosystem pose a challenge to privacy.

Read the rest of this entry »

Feb
09
2015

Chicago Roundtable to Tackle Global Privacy Risk, Compliance

Michelle Dennedy, VP and Chief Privacy Officer at McAfee; Chris Babel, CEO of TRUSTe, and Michelle Quinn, Business Columnist at the San Jose Mercury News discuss privacy as it relates to businesses and consumers at the Privacy Insight Series on Data Privacy Day.

Michelle Dennedy, VP and Chief Privacy Officer at McAfee; Chris Babel, CEO of TRUSTe, and Michelle Quinn, Business Columnist at the San Jose Mercury News discuss privacy as it relates to businesses and consumers at the Privacy Insight Series on Data Privacy Day.

Tomorrow, Feb. 10th, TRUSTe will host an exclusive event in Chicago as part of the ongoing 2015 Privacy Insight Series. The “Managing Global Privacy Risk & Compliance” roundtable will take place at the Chicago Marriott Downtown Magnificent Mile from 8 a.m.- 12 p.m.

Privacy experts gather to discuss current privacy practices and issues for businesses.

Read the rest of this entry »

Feb
06
2015

Kids’ Privacy – It’s All About Respect!

CasualConnect1

By Eleanor Treharne-Jones, CIPP/E, Director, EMEA & Global Communications

In the U.S., recent revisions to Children’s Online Privacy Protection Act (COPPA), and legal action by the Federal Trade Commission have brought renewed attention to the issue of children’s online privacy. In the EU, changes proposed in the draft Data Protection Regulation addressing the protection of children’s online privacy mirror many of those included under COPPA.

There’s been phenomenal growth of mobile applications and games, and we know that pre-teens are among the most active users of this technology. So the question that needs to be addressed is, what is a viable strategy for app publishers to navigate these laws while ensuring parents are informed and in control of their children’s privacy?

Read the rest of this entry »

Feb
04
2015

Meet TRUSTe: Dave Deasy, VP Marketing

dave_blog

Our latest series will introduce you to a new TRUSTe employee every week to give you an inside look at the talented, knowledgeable and friendly people who work at TRUSTe.

Name: Dave Deasy

Job Title: VP Marketing

How long have you worked at TRUSTe? 4 years

Tell us about your role at TRUSTe: I head up marketing at TRUSTe. Our team is responsible for helping to make sure our products and services meet the needs of our clients. We produce a wide range of programs including Industry Summits, Educational Webinars, Consumer Research, Business Benchmarking Reports, and White Papers, to name a few. In addition to our own resources and events, we participate in industry conferences and trades hows around the globe including IAPP, Online Trust Alliance (OTA), Future of Privacy Forum (FPF), DAA / EDAA, IAB, MMA, RSA, Compliance Week, and many more. We also produce the TRUSTe Blog, TRUSTe Digest Newsletter, and manage our website (www.truste.com).

What do you think are the top privacy challenges for companies? The biggest privacy challenge companies face is having a global understanding of what data is being collected, how it is being used, and what the compliance requirements and consumer trust expectations are. If this sounds like a lot, it is. By global I don’t just mean across geographic borders, but also across business units, departments, products, etc. The advances in technology and the Internet during the past 10 years have made it increasingly easy for individuals and organizations across a business to build and launch apps, add or change content to websites, introduce new advertising and marketing partners, and a whole lot more. While all of these developments are helping to speed the development of new products and services, they are also creating an increasingly complex data environment that requires a comprehensive approach to manage. At the same time, regulators and industry groups are increasing their efforts to help provide frameworks and rules so businesses can govern their use of data, but differing standards across geographies and industries can sometimes lead to grey areas which in turn leads to confusion on what to do.

Read the rest of this entry »

Feb
04
2015

APEC Member Economies Endorse ‘Privacy Recognition for Processors’ Standard

fort bonifacio skyscrapers manila

After four days of intense meetings and discussions at the Asia Pacific Economic Cooperation’s (APEC) First Senior Officials Meeting in Subic Bay, Philippines, APEC Member Economies today completed work on a  ”Privacy Recognition for Processors” (PRP). The PRP is designed to help data processors demonstrate their ability to provide effective implementation of a data controller’s privacy obligations consistently with APEC’s Cross Border Privacy Rules (CBPR) System.

The PRP is a series of 17 program requirements a processor must implement in order to be certified by an APEC-recognized Accountability Agent.  In the coming months, APEC Members will complete the procedural documents necessary to recognize Accountability Agents that will certify interested data processors.

TRUSTe has actively participated in the development of the APEC CBPR system over the last 8 years and Chris Babel, CEO TRUSTe and Josh Harris, Policy Director, were in the Philippines at the Senior Officials meeting this week.

TRUSTe was re-recognized as an Accountability Agent for data controllers under the CBPR System by the 21 APEC Member Economies on January 27 and plans to continue work with APEC Member Economies to establish a trusted global data processing network under the PRP.

For more information about the TRUSTe APEC program including the program requirements, visit http://www.truste.com/privacy-program-requirements/apec.


Older posts «

» Newer posts