With the EU GDPR right around the corner, you have probably heard that there will be six legal bases for processing personal data. For organizations who are currently preparing for GDPR, there is a strong focus on – as well as some confusion around – legitimate interests, in particular. Let's take a closer look.
Privacy management software can help you increase your efficiency and accuracy by automating complex or high volumes of privacy management activities, including privacy impact assessments (PIAs)/data protection impact assessments (DPIAs), data mapping/data inventory, and enterprise assessments. How do you choose?
Out of all six legal bases for processing offered by the GDPR, consent and legitimate interests are the legal bases most likely to be relied upon to justify direct marketing. Where the direct marketing involves electronic communications, however, is where things get muddy.
Developing an effective privacy management infrastructure for GDPR compliance seems daunting. How do you prioritize to meet GDPR accountability obligations?
Mobile applications collect a lot of personal data. What are the GDPR considerations for mobile app businesses when laying out the concept and execution of their application?
While the legitimate interests ground for processing under the GDPR can be lawfully applied in many cases, a provisional balance should be established by data controllers with more safeguards for the protection of data subjects.
The California Consumer Privacy Act (CCPA) is the latest in privacy compliance. Although not as comprehensive as what is provided by the GDPR, there are useful operational overlap that can help with compliance with the CCPA.
Financial market regulators from outside the EU are now seeking GDPR exemptions for the purpose of "public interest", for example cracking down on securities fraud, including the SEC in the U.S. as well as regulators in Japan and Hong Kong.