Europe Gets Tough

One of the questions I hear most frequently is “will the GDPR be as big a deal as everyone promised?” Of course, the real question is “will the GDPR be as big a deal as you, Jay, promised,” and it is a fair one.  Privacy commentators spent a great deal of time in 2018 talking… Read More

Getting Bad Advice

The Internet is a risky place for “expertise.”  Because it is both a platform and a megaphone, it creates its own multiplier effect for whatever you put into it.  If the arguments of the last few years have proven anything, it’s that even a poorly concocted lie spreads far faster than a well-explained truth, largely… Read More

How to Protect Your Data in a Data Partnership – from “Data Leverage”

We spend an enormous amount of time talking about the benefits of data partnerships but, of course, they aren’t without their risks.  No one enters into a business relationship assuming that everything will go exactly as planned (without serious problems later, anyway).  But how do you identify ways to protect your business, your data, and… Read More

What’s Five Billion Among (Facebook) Friends?

The Internet went into full “give me a Drudge Report siren” mode last week about Facebook’s announcement that it anticipates a fine of three to five billion dollars from the FTC in the coming months.  The fine, a result of Facebook’s violation of a 2011 consent decree with the Commission related to privacy practices, tracking,… Read More

The Dangers of a Biometric Future

Biometric data is information at its most sensitive.  Not only do health and physical characteristics carry with them the very concept of our personhood and humanity, they are also often immutable and, therefore, permanently identify us.  I can change my email address or my password, and I can even get a new legal name if… Read More

Organic Data and Digital Borders

The longer you spend in data-oriented businesses, the more you notice a funny thing about the language used to describe data sets and their uses.  While, early on, the language sounds a lot like what you’d use to describe currency (“valuable,” “fungible,” “velocity,”), eventually it all starts to sound like you’re talking about food (“organic,”… Read More

Employee Monitors and Big Brother at Work

Although we consistently discuss the importance of managing data about customers or partners, it’s crucial to pay attention to a key demographic of your intrinsic datasets – employees.  Your team generates an enormous volume of data simply by showing up to the office (HR data, payment information, personal login details and passwords, etc), and the… Read More

Weekly Data Privacy Roundup

We’re starting something new, a weekly collection of some of the stories that we saw or found interesting but, for some reason, didn’t have time to address meaningfully (by which we mean throw as many gifs at as possible).  This week is heavy on government action, which is a good indication of the trends we’re… Read More

The Values Crisis

Let’s talk about values. We sometimes talk about “use cases” for data, which is a shorthand for “how do you intend to make this particular information set perform a new category of work or combine with other information sets to perform a new category of work.”  It’s important, as we discuss in Data Leverage, to… Read More

FTC’s Privacy Report Card

It’s that time of year again – the FTC has released its report on enforcement activity in 2018, including its efforts at enforcing privacy promises.  It was, as you might expect, a busy year, with major proceedings instituted against a number of high-profile entities like Uber, Paypal, and Facebook.  Although the total amount in fines… Read More

The Global View on Privacy

We don’t know if you’ve noticed this, but every once in a while we’ll write a blog post about GDPR or CCPA or American data law.  Yes, we do spend an awful lot of time talking about the law in Europe and the United States. That’s probably not a big surprise, given that this is… Read More

As Transparent as Mud

Transparency is one of the principles driving recent developments in data privacy and data security.  We’ve spent a lot of time discussing how important it is to be open with consumers and data subjects, to give them a clear idea of how their data is used, and why.  The primary reason for this is to… Read More

GDPR Fines, Data Privacy Day, and Other Hot Takes

It’s Data Protection Day, the happiest day of the year!  A year ago, we were talking about the changes that GDPR would bring, and how to gear up operations to ensure that you didn’t violate the law or mislead your customers.  The premise was simple: transparency is a fundamental precept under GDPR (and US law),… Read More

Predictions, Lists, and Complete Wild Guesses

Now that it’s January and everyone is finally returning to the reality where things don’t always taste like peppermint or eggnog (or both, which is just….no), it’s a good time to think about how you’re going to approach 2019.  This time of year is rife with predictions and, more often, guesses about what privacy, tech,… Read More

Key Takeaways from the International Conference of Data Protection and Privacy Commissioners

Last week, I attended the 40th ICDPPC in Brussels, which is the global meeting of all privacy and data security regulators.  The theme of the conference was “Debating Ethics,” and it was a deep dive into the interplay between digital commerce, regulation, and human dignity.  There were representatives from around the globe, of course, but… Read More

GDPR Three Month Checkup (And Three Issues to Watch)

It’s been just about three months since the GPDR went into effect, it’s what makes sense for many people right now to be wondering just how the whole process is going. After all, it was all anyone in the media wanted to talk about for months leading up to May 25. Now? There doesn’t seem… Read More

Own Goals and Cups of Coffee

We’ve spent a good deal of time here talking about the risks of data breaches and how to create structures that help prevent them. We’ve even talked about common kinds of breaches and what they mean for your business. But, of course, no matter how much we talk about this stuff, there’s a never-ending supply of… Read More

Two (Really Bad) Approaches to Privacy

We’ve reached that time of year when everyone is basically in summer mode – non-work plans being made, last day of school or first day of camp lunches being packed, the inevitable first sunburn (for me, not the kids). It’s the time of year when there’s also a downshift in activity, and (even in the… Read More

Privacy is Everybody’s Business (Or Needs to Be)

It’s been a whirlwind few weeks since GDPR came into effect, and it seems that many people are learning about privacy rights for the first time. Plenty of them are making data subject access or deletion requests, including against the biggest players in the market. Even though there were years’ worth of stories about data… Read More