The GDPR recently marked its second anniversary. Find out where it has had the greatest impact from three privacy experts.

Image for post
Image for post

One of the most impactful and transformative regulations in privacy, the GDPR, recently marked its second anniversary. Since enforcement began in May of 2018, businesses both in Europe and worldwide have had to change the way they handle personal data and increased their focus on privacy branding.

On May 28th, Vicki Gulloit — Partner, Privacy Culture, Mary-Jo de Leeuw — Interim Program Manager Cybersecurity at The Dutch Railway, and Justine Vilain — Privacy and Legal Manager at DataGrail discussed their top takeaways from GDPR after its 2-year anniversary. In case you missed it, we’re bringing you the highlights. …


DataGrail took a look back at product activity metrics within our platform during the first quarter of the year — since the California Consumer Protection Act (CCPA) took effect on January 1, 2020 — to understand what B2C companies can expect for the remainder of 2020. Although it’s still early to understand exactly how CCPA will impact organizations in the long-run, we gathered our early learnings from the first few months of CCPA into a report to help businesses plan and predict the future of privacy regulation.

We hope this early data will help the industry at large better understand the trends so far, help businesses benchmark against peers, and provide guidance on how best to plan ahead. In our findings, you’ll see references to three types of consumer rights requests that are part of the CCPA, often referred to as data subject requests (DSR) or data subject access requests…


Image for post
Image for post

March 11th, 2020 saw a second set of California Consumer Privacy Act (CCPA) amendments come to light. These new amendments are meant to clarify and emphasize some aspects of the Californian Privacy Regulations and provide further guidelines for companies to adjust their privacy compliance programs. While there does not seem to be any major breakthrough since the first set of amendments in February, we are highlighting the main takeaways for data controllers and service providers.

The previously acclaimed IP Address Guidance

The former section (§ 999.302) that provided guidance on how to interpret the definitions in the CCPA is removed in this new set of amendments. The specific paragraph described an interesting example related to IP addresses classified as Personal Identifiable Information (PII) and excluded those from the scope of the CCPA if they cannot be linked to any consumer or household. It would be premature to interpret the deletion of the section to mean that sole IP addresses are included under the CCPA scope. The proposed regulation might just intend to avoid any unnecessary repetition with the existing definition in the Civil Code which already takes a clear stance on the scope of PII. …


Image for post
Image for post

Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA), allows any Californian resident to request or delete all information a company has saved on them as well as receive a full list of every third party that data was shared with. Further, the new law requires a business to verify and respond to consumer requests within 45 days of initial contact and are subject to servicing requests with data dating back 12 months.

How Right to Know requests are submitted

Under the CCPA, businesses must offer at least two methods of submission — a toll-free number (required) and website address (if the business maintains a website). …


DataGrail recently partnered with our customer ZoomInfo to discuss privacy predictions for 2020

Image for post
Image for post

With CCPA now in effect, the Age of Privacy has finally reached the US. And as our relationship with personal data deepens in complexity, the lines surrounding ownership grow increasingly blurred. Due to an explosion in data collection — not just the volume but also the variety and velocity of data — major security and privacy concerns loom on the horizon. In honor of this new era, we crafted our Top Five Privacy Predictions for 2020 .

To help privacy and legal professionals stay ahead of the privacy curve, we recently collaborated with our customer, ZoomInfo, to breakdown privacy predictions for 2020. In this recent webinar, DataGrail’s CEO and co-founder Daniel Barber and ZoomInfo General Counsel Anthony Stark shared their thoughts on the compliance landscape for 2020 as well as predictions for impactful trends in the upcoming years. …


Image for post
Image for post

This past Tuesday, LinkedIn hosted an event that featured panels and discussions about privacy regulation, challenges with privacy, and the growing importance of consumer awareness. In honor of Data Privacy Day, top leaders in privacy offered their take on modern privacy issues, solutions, and regulation.

There’s a lot to unpack here, so we are highlighting the top 5 takeaways from the event to bring you up to speed on the most recent developments in privacy and how businesses are tackling these modern challenges.

Key Takeaway #1: Privacy is a fundamental human right and part of our democracy

A core sentiment echoed throughout the event was that privacy is a fundamental human right and is essential to democracy. Gregory Smolynec (Deputy Commissioner, Policy and Promotion Sector in the Office of the Privacy Commissioner of Canada) explained that the “conversation about privacy is getting louder and louder worldwide. Every citizen is part of it”. DataGrail’s recent consumer survey showed 4 in 5 Americans think there should be a law in place to protect personal data and 83% expect to have control over how businesses use their data. Smolynec emphasized the shared thoughts of the panel, saying “No one owns privacy… It’s a shared value across democracies. We cannot have public democratic life without privacy.” …


Image for post
Image for post

As a woman (and mother) in the technology space, the topics of career growth, balance, and mentorship are near and dear to my heart. These topics have also become increasingly visible in my daily news feeds. One hot question I had seen floating around recently was this: What advice would you give your younger working self?

DataGrail posed this question to attendees at the recent Women Impact Tech event in San Francisco on March 5th, along with a fun activity to bring it to life. We constructed a tree that highlighted our 5 company values:

  • Be Transparent
  • Make Each Other…

Image for post
Image for post

The Age of Privacy has arrived. Our relationship with data has evolved dramatically over the past 20 years, as the systems have become more complex and the lines around ownership more blurred.

These days, data collection goes far beyond email address to precise location to biometric and intimate health data. The explosion in data collection — not just the volume but also the variety and velocity of data — has led to consumer concerns around security and privacy. More and more, people live their lives online. …


Image for post
Image for post

On January 1, 2020, all eyes will be on California. For most of us, the primary focus will be on the Rose Bowl game, but for businesses in the state, this is the day that CCPA goes into effect. However, studies show that only 55 percent of companies will be ready by that date , and another 25 percent hope to be compliant by July 1, when enforcement begins.

For businesses and consumers, there remains a lot of confusion around CCPA, particularly in how it compares to GDPR, what’s covered under CCPA and who must comply. To help you better understand the CCPA basics, we asked data privacy experts Peter McClelland, Esq. In-House Counsel for Threat Sketch, Tom Kelly, president and CEO of ID Experts, Salvatore Stolfo, Columbia University professor, and Thomas Jackson, litigation partner and Chair of the Technology Practice Group at Phillips Nizer, to answer some of the most common questions about the new law. …


Image for post
Image for post

Last week, San Francisco was home to the Global Legal ConfEx, which brought together over 200 in-house counsel, law firm partners, and law tech professionals. The conference hosts lawyers who have operational challenges including litigation, technology, risk, compliance, GDPR and more. Further, the event provides educational panels, thought leadership, and opportunities to connect with peers.

DataGrail’s CEO & Co-founder, Daniel Barber , hosted a panel on GDPR, CCPA, Data Discovery, and Compliance to offer insight on upcoming privacy regulation. The panel featured Kai Westerwelle (Partner at Bird & Bird), Samantha Kim (Director at Robert Half), and Lara Bliesner (Senior Counsel — Data Protection & Privacy at Arm). …

About

DataGrail

The Age of Privacy requires a new standard of transparency. We help companies comply with the #GDPR, #CCPA, and similar privacy regulation.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store