The Dangers of a Biometric Future

Biometric data is information at its most sensitive.  Not only do health and physical characteristics carry with them the very concept of our personhood and humanity, they are also often immutable and, therefore, permanently identify us.  I can change my email address or my password, and I can even get a new legal name if… Read More

Organic Data and Digital Borders

The longer you spend in data-oriented businesses, the more you notice a funny thing about the language used to describe data sets and their uses.  While, early on, the language sounds a lot like what you’d use to describe currency (“valuable,” “fungible,” “velocity,”), eventually it all starts to sound like you’re talking about food (“organic,”… Read More

The Undefended Principles of a Free Internet

For most of us who remember a time before widespread access to the Internet (it was mostly Donald Duck games on your Commodore), going online was a decidedly American-feeling affair.  One could be forgiven the thought, given that the largest internet service provider for years was….America Online.  And, largely, that tracked the history and development… Read More

Curb Your (AI)nthusiasm

The Boston Dynamics “dogs” have become something of an inside joke around here: any time we want to suggest that an idea, project, or new technology might have worrisome long-term implications, the robotic canines come up in conversation.  Much of it has to do with their somewhat surreal, uncanny valley look, something familiar enough to… Read More

The World’s Toughest Internet Law?

It seems that every time we turn around, there’s new data or Internet legislation on the table that the media describes along the lines of  “similar to the GDPR,” or “GDPR-like.”  It makes sense, of course, given that the GDPR is the most important legislation on privacy in several generations, though it can blur some… Read More

The Joke’s On You

There are times when it’s difficult to pick a topic to write about for this blog, because data privacy and data partnerships are such broad subjects that it’s like selecting from an unlimited menu of issues.  We could discuss GDPR or CCPA or a data breach or technological trends or creating a mutually beneficial data… Read More

Weekly Data Privacy Roundup

We’re starting something new, a weekly collection of some of the stories that we saw or found interesting but, for some reason, didn’t have time to address meaningfully (by which we mean throw as many gifs at as possible).  This week is heavy on government action, which is a good indication of the trends we’re… Read More

The Values Crisis

Let’s talk about values. We sometimes talk about “use cases” for data, which is a shorthand for “how do you intend to make this particular information set perform a new category of work or combine with other information sets to perform a new category of work.”  It’s important, as we discuss in Data Leverage, to… Read More

The Seven Deadly (Data Privacy) Sins

One of the questions we hear most frequently is “what are we doing wrong?”  We almost always try to flip that question around into “what can we do better,” because we’re big believers in the notion that providing goals, rather than chastising, creates the right kind of mindset about data privacy and managing a data… Read More

The Global View on Privacy

We don’t know if you’ve noticed this, but every once in a while we’ll write a blog post about GDPR or CCPA or American data law.  Yes, we do spend an awful lot of time talking about the law in Europe and the United States. That’s probably not a big surprise, given that this is… Read More

GDPR Fines, Data Privacy Day, and Other Hot Takes

It’s Data Protection Day, the happiest day of the year!  A year ago, we were talking about the changes that GDPR would bring, and how to gear up operations to ensure that you didn’t violate the law or mislead your customers.  The premise was simple: transparency is a fundamental precept under GDPR (and US law),… Read More

Predictions, Lists, and Complete Wild Guesses

Now that it’s January and everyone is finally returning to the reality where things don’t always taste like peppermint or eggnog (or both, which is just….no), it’s a good time to think about how you’re going to approach 2019.  This time of year is rife with predictions and, more often, guesses about what privacy, tech,… Read More

Data Leverage: Unlocking the Surprising Growth Potential of Data Partnerships

We are proud to announce the release of our book, Data Leverage: Unlocking the Surprising Growth Potential of Data Partnerships.  This book, which outlines our approach to establishing partnerships, sharing data, and protecting data assets, is a single-source guide for what we believe the most important aspects of data management programs are.  We could not be… Read More

Key Takeaways from the International Conference of Data Protection and Privacy Commissioners

Last week, I attended the 40th ICDPPC in Brussels, which is the global meeting of all privacy and data security regulators.  The theme of the conference was “Debating Ethics,” and it was a deep dive into the interplay between digital commerce, regulation, and human dignity.  There were representatives from around the globe, of course, but… Read More

GDPR Three Month Checkup (And Three Issues to Watch)

It’s been just about three months since the GPDR went into effect, it’s what makes sense for many people right now to be wondering just how the whole process is going. After all, it was all anyone in the media wanted to talk about for months leading up to May 25. Now? There doesn’t seem… Read More

Two (Really Bad) Approaches to Privacy

We’ve reached that time of year when everyone is basically in summer mode – non-work plans being made, last day of school or first day of camp lunches being packed, the inevitable first sunburn (for me, not the kids). It’s the time of year when there’s also a downshift in activity, and (even in the… Read More

Privacy is Everybody’s Business (Or Needs to Be)

It’s been a whirlwind few weeks since GDPR came into effect, and it seems that many people are learning about privacy rights for the first time. Plenty of them are making data subject access or deletion requests, including against the biggest players in the market. Even though there were years’ worth of stories about data… Read More

The Three Pillars of GDPR – Consistency (No. 3)

And so, at long last, the GDPR is the law, and we leave behind the relatively lower standards under the Data Protection Directive.  The Directive, which has been on the books for more than two decades, now passes into obsolescence, like beepers or, in Miami, traffic laws.  Now, we’ll all start to learn what the… Read More

The Three Pillars of GDPR – Security (No. 2)

There are 72 hours to go until GDPR Day (#privmas), and you can almost feel CISOs hoping that, if there’s going to be a breach, it happens today and not on Monday.  We noted once before that Andrea Jelinek, chair of the (very important) Article 29 Working Party deadpanned that “there will be a two… Read More

The Three Pillars of GDPR – Transparency (No. 1)

Two years ago, when the European Commission approved the GDPR and set an effective date for May 25, 2018, I thought “that is such a long time to wait.”  It was a choice out of keeping with American legislative methods, where Congress passes a law and maybe gives an effective date of the following January 1, but… Read More