We All Care About Data Security, Except When We Don’t

It should be clear by now that we are most comfortable expressing our thoughts in the form of movie quotes, falling as we do into that demographic of Americans who believe that if you can’t say it with a gif from an 80s movie, you don’t need to say it at all. Really, it works… Read More

Data Privacy Legislation and the “Brunhilde Effect”

One day before the midterm elections, and we’re fully into the silly season of data-related legislation in the United States, with prospective members of Congress setting forth their approach to managing privacy and security with a variety of proposals that are….let’s call them “interesting.”  I say “interesting” because it’s intriguing to see that candidates treat… Read More

Data Strategy & Privacy at The Yext Onward ’18 Conference in New York

Yext throws probably the most compelling conference in digital knowledge. Heck, it’s probably the best conference in New York this year. With headliners like Neil deGrasse Tyson, Dr. Hannah Fry, and David Blaine, there was some solid star power that captured the essence of the conference: Knowledge is Power. On day two, we had the opportunity… Read More

Key Takeaways from the International Conference of Data Protection and Privacy Commissioners

Last week, I attended the 40th ICDPPC in Brussels, which is the global meeting of all privacy and data security regulators.  The theme of the conference was “Debating Ethics,” and it was a deep dive into the interplay between digital commerce, regulation, and human dignity.  There were representatives from around the globe, of course, but… Read More

E22: How to Build Your Corporate Data Privacy Team (Podcast)

Step one: don’t delegate it to the intern in the IT department. Building a solid Privacy Team inside of your company can be challenging, particularly when no one understands why you are doing it. In this episode of “Are You DataSmart?”, the Ward brothers outline proven approaches to building a Data Privacy Team and how… Read More

Small-Medium Sized Business Data Myths – Part One

We were fortunate to present at the B2SMBi Conference last week, which gathers small and medium sized businesses (“SMB”) and the service providers that allow them to grow and function at scale.  It was a great event, with everyone from micro-startups to Google in attendance, and it provided great insights into the concerns SMBs and… Read More

Data Quality, or “Garbage in, Garbage Out”

Another week, another series of massive data breaches.  Of the few we heard about in the last seven days, none are as concerning as Facebook’s breach involving more than 50 million user accounts.  Those are the kinds of numbers that, depending upon how the breach occurred, could incur a massive penalty at the hands of… Read More

E21: Will Changes to CaCPA Water Down the Privacy Law (Podcast)

The ballot initiative was pulled, the law was passed. But will the California Consumer Privacy Act (CaCPA) move forward to be one of the most significant steps in data privacy law or will the law be watered down through the revision process. This is a big test to see how California handles data privacy and… Read More

E20: Artificial Intelligence vs Data Minimization & GDPR (Podcast)

The opportunities for Artificial Intelligence to transform humanity are enormous. We are seriously excited. However, there are issues with amassing the amount of data necessary for these machine learning based solutions. To become “intelligent” (whether artificially or not) requires immense data and knowledge, and the ability to recall that knowledge. Data Minimization, as a concept,… Read More

Data Security for Dummi…I Mean, for Lawyers

Today we’ll talk about something near and dear to my heart: data security for lawyers. I recognize that this is not a topic that many lawyers want to discuss, or one that they feel comfortable discussing.  But the reality is that data security is an important part of being a lawyer, even if it’s not… Read More

There Definitely Won’t be a Federal Data Privacy Law. (Maybe. We’ll See.)

“There’s no way the federal government is going to create a federal privacy law.”  “It’s just not going to happen.”  “Not a chance, no way, forget it.”  “There isn’t a political will in Washington to get it done, and so we can all just assume that it’ll all be only the states issuing regulations for… Read More

GDPR Three Month Checkup (And Three Issues to Watch)

It’s been just about three months since the GPDR went into effect, it’s what makes sense for many people right now to be wondering just how the whole process is going. After all, it was all anyone in the media wanted to talk about for months leading up to May 25. Now? There doesn’t seem… Read More

Own Goals and Cups of Coffee

We’ve spent a good deal of time here talking about the risks of data breaches and how to create structures that help prevent them. We’ve even talked about common kinds of breaches and what they mean for your business. But, of course, no matter how much we talk about this stuff, there’s a never-ending supply of… Read More

E18: ICANN Loses First GDPR Court Ruling in Germany

In this episode of the “Are You DataSmart?” podcast, the Ward brothers discuss the first court ruling on GDPR that went against ICANN, the non-profit domains platform that powers the internet. What is so fascinating about this first decision is that it specifically puts “data minimization” on display. It isn’t a theory anymore! PODCAST TRANSCRIPT… Read More

E17: Carpenter Decision Builds Up Privacy from #SCOTUS

In this episode of “Are You DataSmart?” we examine the Supreme Court’s most important ruling on privacy in Carpenter v. United States. It is a major development in privacy law, laying the foundation for an interpretation of the Fourth Amendment that protects against generalized government surveillance by electronic means. Together with United States v. Jones, it brings… Read More

The Carpenter Decision

The Supreme Court has issued this year’s most important ruling on privacy in Carpenter v. United States. It is a major development in privacy law, laying the foundation for an interpretation of the Fourth Amendment that protects against generalized government surveillance by electronic means. Together with United States v. Jones, it brings Fourth Amendment jurisprudence into the… Read More

E16: GDPR Induces Amnesia – (🎧Podcast)

Episode 16 of the “Are You DataSmart” Podcast covers the major operational issues caused Article 17 of the GDPR, Right to erasure (‘right to be forgotten’). Deleting records causes amnesia-like symptoms for businesses and will afflict every business that receives a withdrawal of consent or a notice to erase data about an individual or data subject. Specifically: The… Read More

Two (Really Bad) Approaches to Privacy

We’ve reached that time of year when everyone is basically in summer mode – non-work plans being made, last day of school or first day of camp lunches being packed, the inevitable first sunburn (for me, not the kids). It’s the time of year when there’s also a downshift in activity, and (even in the… Read More