Part 2: What to do about GDPR if you need to comply

February 14, 2018 by Ale Brown

Last week we discussed what GDPR is in very broad terms. We also discussed what are the general parameters used to determine whether an organization needs to comply with GDPR or not. Just to refresh our memories, these are the criteria used to make such determination: If you have any physical presence in the EU (even if it is a small sales and marketing office). If you don’t have a physical presence but you offer products or services to EU residents. If you don’t offer products or services but you monitor EU residents online behaviour. You need to comply… now […]

Read More

Part 1: What is GDPR – foundational concepts

February 7, 2018 by Ale Brown

The requirements around this new regulation and who it will apply to The General Data Protection Regulation or GDPR is the new data protection legislation enacted by the European Union that will come into effect on May 25, 2018. This is a very important regulation, not only for European residents but for everyone around the world. The main reason is because it is the first privacy and data protection regulation that ensures that individuals rights and freedoms are the top priority. It also unifies all the different regulations under one rule. The EU data protection directive from 1995 is replaced […]

Read More

GDPR series: Achieving GDPR compliance within a tight timeframe

January 30, 2018 by Ale Brown

As I take some time to read the news on a Sunday afternoon, I start realizing that news of GDPR compliance is gaining traction. I even cleared all my cookies to ensure that it was not just showing on my different feeds because of what I’ve read before. No, GDPR is showing up more and more. I’m glad that it is beginning to get the attention it needs. What worries me is that, at this point in time, it leaves very little time left for organizations to get their house in order in time for May 25 (you can check […]

Read More

Data Privacy Day – are you a champion?

January 15, 2018 by Ale Brown

It’s the  middle of January and my thoughts revolve around Data Privacy Day. Even though Data Privacy Day is observed every January 28th, not a lot of people know about it so I’ve decided to become a stronger advocate and shed light on the issues that Data Privacy Day stands for. What is Data Privacy Day Data Privacy Day commemorates the signing of Convention 108 back in 1981, the first legally binding international treaty dealing with privacy and data protection. The Data Privacy Day campaign is spearheaded by the National Cyber Security Alliance (NCSA) and I laud their efforts to […]

Read More

New year, new requirements on data protection

January 4, 2018 by Ale Brown

2017 is over and it was certainly a year where data breaches were front and center for organizations and the public in general. There is a renewed interest around what personal data protection should entail, and in multiple cases, organizations are not there yet. This interest stems from a clear concern from consumers about how their data is being managed and protected. It has also become a top priority for regulators, as we can attest from the implementation of GDPR in Europe. Therefore, what can we expect in 2018? In my opinion, more of the same… but on steroids. Cybersecurity, […]

Read More

GDPR… the countdown is on

December 15, 2017 by Ale Brown

GDPR reminds me a lot of Y2K. Eighteen years ago I was an IT project manager for one of the largest consumer goods manufacturers in the world: Procter & Gamble. I had been working for them for almost 5 years and one third of the time I was there, I spent it on a critical, expensive, dreadful, but at the same time very exciting initiative: Y2K. As a young professional that was starting her career, I could not relate very well to the repercussions of this technological bug. I was told to do a job and I was happily doing […]

Read More

Privacy in the business environment: It’s not just cyber-attacks

October 27, 2017 by Ale Brown

Category:

Introduction Over the last few years, privacy has become a term that has relevance for almost everyone in almost every context: be it an organization trusted with the information of their customers, governments monitoring citizens’ data in the name of national security or a consumer simply buying a pair of sneakers online. When we hear about privacy in the news, it is usually an incident related to online hackers or what is also known as a cyber attack. The message is usually the same: an individual that was lured into giving out their personal information, generally causing them great financial […]

Read More

Privacy can be sexy

October 27, 2017 by Ale Brown

Category:

When we hear about Privacy, different terms come to mind: breach, regulation, identity theft, exposure, risk. The one word I assure you will not immediately come to mind is “sexy”. When it comes to information privacy, we think of our right to keep our personal information safe, unused, undisclosed. We fear someone getting their hands on our information and use it to their advantage or worse, to our detriment. As businesses grow closer and deeper relationships with their customer base, what if they think of privacy management not as something they have to do because consumers, government or regulators demand […]

Read More

The Privacy Dilemma: AI’s Double-Edged Sword

Read Article

Privacy risks going viral

Read Article

You've got... a breach notification?

Read Article

Why we need to embrace a more mature attitude towards our data

Read Article