You’ve got… a breach notification?

November 1, 2018 by Ale Brown

Category:

As of today November 1st, privacy breach notification will be mandatory at the Federal level in Canada through amendments done to PIPEDA. From now on, the Year of the Breach This year has been called “the year of the breach”, but so was 2017 and before that, 2016. This could be called the global warming of the privacy world. And with regulators becoming more strict about companies’ transparency practices, data privacy breach notifications will also become more prevalent. What does this all mean to organizations and most importantly, to individuals that share their personal data with organizations? Breach notification impacts First of all, […]

Read More

Why we need to embrace a more mature attitude towards our data

August 20, 2018 by Ale Brown

Category:

A few days back I read an article on the New York Times that talked about “data breach fatigue”. Let’s make this very clear: data breaches are a daily occurrence in our lives. It seems like they’re here to stay and they are like a “not so pleasant” distant relative that decides to visit and suddenly doesn’t leave. Initially we dread the presence but after a while, we get used to them and stop asking when they are packing up to go back home. And that makes me wonder, why? Why do we allow the inconvenience and the risk to […]

Read More

Privacy interest is evolving… and California is leading

July 17, 2018 by Ale Brown

A couple of months ago I made a wild statement about the Facebook-Cambridge Analytical incident being the catalyst for stronger privacy regulation around the use of personal data for business purposes.  A few people found some merit on this idea – usually the ones from my own generation whose sense of adventure is a bit tempered by the reality of the past. And then lately, a few new events (think California’s CCPA) are showing that people and governments around the globe are more interested in the protection of personal data.  Most importantly, the appropriate use of personal data in a […]

Read More

GDPR, profits and the game of good intentions

June 27, 2018 by Ale Brown

GDPR came into effect on May 25th. Granted, the world didn’t come to an end but there is certainly awareness around the EU people whose personal data GDPR protects and they are making their voices heard. According to a report released by the IAPP, complaints have started pouring in across the different EU member states with as little as 2 in Sweden and 3 in Belgium and as many as 426 in France. Ireland to date has also had 547 data breach notifications! It is obvious that the Data Protection Authorities in the different EU states have a limited number […]

Read More

Press Release: Kirke Management Consulting Becomes STOP. THINK. CONNECT. ™ Partner

April 13, 2018 by Ale Brown

Category:

VANCOUVER, B.C. – (April 12th, 2018 @ 9:00 AM PT) Kirke Management Consulting today announced that it has signed on as a partner of STOP. THINK. CONNECT. ™, the global online safety awareness and education campaign. Securing the internet is a responsibility we all share, and STOP. THINK. CONNECT. ™ is simple, actionable advice that everyone can follow to be safer and more secure online. Ale Brown, Founder and Principal Consultant at Kirke Management Consulting, said “We are excited to partner with STOP. THINK. CONNECT. ™ as a part of our ongoing dedication to foster increased awareness into the importance […]

Read More

Facebook-Cambridge Analytica: the Enron of privacy?

April 5, 2018 by Ale Brown

Category:

The last few weeks have engulfed us all – not only privacy professionals like ourselves – into one of the biggest corporate scandals of the new century. You can tell it is serious when after three long weeks, everyone is still talking about it. In this age of short attention spans, three weeks is an eternity. What does Facebook-Cambridge Analytica have to do with Enron? Even though at a first glance the similarities are not apparent, I believe that Facebook-Cambridge Analytica and Enron have a few things in common. For the ones that are old enough to remember, the Enron scandal […]

Read More

Part 4: Ready… Set… Go! Achieving full GDPR compliance

March 1, 2018 by Ale Brown

This is the last installment on the virtues and requirements of GDPR. In this series you learned a few things, like whether or not you need to comply, what to do if you actually need to comply and what to take into account when you are prioritizing your activities towards GDPR compliance. Now you should feel comfortable knowing that at least you understand what this new data compliance regulation is about and, based on your business, what the key areas are that you need to take care of. On May 25 you will certainly be in a better place than […]

Read More

Part 3: Prioritizing GDPR Requirements

February 20, 2018 by Ale Brown

In the last few weeks, we have been talking about what GDPR is, who needs to be compliant with it and what things to keep in mind if you have to comply. Now we are going to discuss what is the best way to go about prioritizing GDPR requirements for your organization. It’s all about the risk First off, let me say that GDPR is not a step-by-step prescription on what to do with regards to the management and protection of personal data. If it were that way, we would all have been compliant long ago! Just tick the boxes on […]

Read More

Part 2: What to do about GDPR if you need to comply

February 14, 2018 by Ale Brown

Last week we discussed what GDPR is in very broad terms. We also discussed what are the general parameters used to determine whether an organization needs to comply with GDPR or not. Just to refresh our memories, these are the criteria used to make such determination: If you have any physical presence in the EU (even if it is a small sales and marketing office). If you don’t have a physical presence but you offer products or services to EU residents. If you don’t offer products or services but you monitor EU residents online behaviour. You need to comply… now […]

Read More

Part 1: What is GDPR – foundational concepts

February 7, 2018 by Ale Brown

The requirements around this new regulation and who it will apply to The General Data Protection Regulation or GDPR is the new data protection legislation enacted by the European Union that will come into effect on May 25, 2018. This is a very important regulation, not only for European residents but for everyone around the world. The main reason is because it is the first privacy and data protection regulation that ensures that individuals rights and freedoms are the top priority. It also unifies all the different regulations under one rule. The EU data protection directive from 1995 is replaced […]

Read More

You've got... a breach notification?

Read Article

Why we need to embrace a more mature attitude towards our data

Read Article

Privacy interest is evolving... and California is leading

Read Article

GDPR, profits and the game of good intentions

Read Article