A Post About Bread! (And Data too, I Guess)

We’re big fans of January around here, enjoying, as we do, the prospect of starting the new year off the right way and looking at things afresh. There’s something special about the focus that comes with new beginnings and the excitement of starting new projects after the whirlwind of the holiday season. The one thing… Read More

Predictions, Lists, and Complete Wild Guesses II

After a whirlwind start to this year (let’s leave the decade debates aside please), we’re finally ready to start making our 2020 predictions for privacy, data partnerships, and data strategy. This is where we lay out our view for how businesses, regulators, government, and internet users will shift the rules and change the way we… Read More

2019: The Year of Meh

To me, the most meaningful meme of this year was “OK, Boomer” (Baby Yoda was a non-event, don’t @ me).  It not only perfectly captures the very real, politically potent generational conflict going on right now, but it also reflects how completely ignored Generation X is in our current culture wars. (I feel no guilt… Read More

Enough with the Tracking Already

You may not have read the New York Times Privacy Project yet, but if not, now is the time to do so.  They have begun a series on the nature of tracking individuals via cellphones, armed with a treasure trove of over 50 billion pings on 12 million phones.  The results are dramatic, showing just… Read More

2019 Predictions: How Did We Do?

You may recall that we made some predictions way back in January about what would happen in privacy, privacy law, and data partnerships over the course of 2019.  Well, we believe in accountability, and so it’s time to check out how well we did.  There’s a reason that most people don’t reflect on their New… Read More

How to Protect Your Data in a Data Partnership – from “Data Leverage”

We spend an enormous amount of time talking about the benefits of data partnerships but, of course, they aren’t without their risks.  No one enters into a business relationship assuming that everything will go exactly as planned (without serious problems later, anyway).  But how do you identify ways to protect your business, your data, and… Read More

Predictions, Lists, and Complete Wild Guesses

Now that it’s January and everyone is finally returning to the reality where things don’t always taste like peppermint or eggnog (or both, which is just….no), it’s a good time to think about how you’re going to approach 2019.  This time of year is rife with predictions and, more often, guesses about what privacy, tech,… Read More

Key Takeaways from the International Conference of Data Protection and Privacy Commissioners

Last week, I attended the 40th ICDPPC in Brussels, which is the global meeting of all privacy and data security regulators.  The theme of the conference was “Debating Ethics,” and it was a deep dive into the interplay between digital commerce, regulation, and human dignity.  There were representatives from around the globe, of course, but… Read More

E18: ICANN Loses First GDPR Court Ruling in Germany

In this episode of the “Are You DataSmart?” podcast, the Ward brothers discuss the first court ruling on GDPR that went against ICANN, the non-profit domains platform that powers the internet. What is so fascinating about this first decision is that it specifically puts “data minimization” on display. It isn’t a theory anymore! PODCAST TRANSCRIPT… Read More

E16: GDPR Induces Amnesia – (🎧Podcast)

Episode 16 of the “Are You DataSmart” Podcast covers the major operational issues caused Article 17 of the GDPR, Right to erasure (‘right to be forgotten’). Deleting records causes amnesia-like symptoms for businesses and will afflict every business that receives a withdrawal of consent or a notice to erase data about an individual or data subject. Specifically: The… Read More

Two (Really Bad) Approaches to Privacy

We’ve reached that time of year when everyone is basically in summer mode – non-work plans being made, last day of school or first day of camp lunches being packed, the inevitable first sunburn (for me, not the kids). It’s the time of year when there’s also a downshift in activity, and (even in the… Read More

The Three Pillars of GDPR – Consistency (No. 3)

And so, at long last, the GDPR is the law, and we leave behind the relatively lower standards under the Data Protection Directive.  The Directive, which has been on the books for more than two decades, now passes into obsolescence, like beepers or, in Miami, traffic laws.  Now, we’ll all start to learn what the… Read More

The Three Pillars of GDPR – Security (No. 2)

There are 72 hours to go until GDPR Day (#privmas), and you can almost feel CISOs hoping that, if there’s going to be a breach, it happens today and not on Monday.  We noted once before that Andrea Jelinek, chair of the (very important) Article 29 Working Party deadpanned that “there will be a two… Read More

E14: The Three Pillars of GDPR (🎧PODCAST)

The three pillars of GDPR are transparency, security, and consistency. Regulators have stated they see transparency as the central point, but the other two are equally important. When a natural person asks your company for a Data Subject Access Requests (DSAR), how will you react? The Ward brothers explain what companies need to expect within… Read More

Your New Privacy Policy Looks Too Much Like Your Old Privacy Policy

One of the most popular memes in recent years has been the “distracted boyfriend” meme. The coverage has been amazing, including the identification of an 18th Century equivalent painting. One of the most striking things about the meme is that the presumably current girlfriend has a similar look to the presumably new girl that is… Read More

The Three Pillars of GDPR – Transparency (No. 1)

Two years ago, when the European Commission approved the GDPR and set an effective date for May 25, 2018, I thought “that is such a long time to wait.”  It was a choice out of keeping with American legislative methods, where Congress passes a law and maybe gives an effective date of the following January 1, but… Read More

GDPR Countdown – Two Weeks to Go

As we roll into the final two weeks of our countdown, we’re going to take something of a step back and look at issues more broadly. Yesterday, we discussed Google’s AI, and how we’re all going to be living in the Duplex, as it were. I am (clearly) pretty hung up on this, and have… Read More