EU GDPR

Multinationals face difficult and unique data privacy and security compliance challenges to successfully meet the ongoing waves of government regulations. To meet these challenges, multinationals must have enhanced visibility across their global key assets and comprehensive controls.

Many regulators prefer voluntary GDPR compliance, but are prepared to back that up with tough action when required. This is why your reporting must be ‘regulator ready’.

The technology sector is facing new regulations and increased calls for further regulation, in particular with respect to data privacy and security. Emerging tech companies that plan to succeed should pay attention and be prepared for more questions about privacy and security from investors, strategic partners,…

Financial market regulators from outside the EU are now seeking GDPR exemptions for the purpose of "public interest", for example cracking down on securities fraud, including the SEC in the U.S. as well as regulators in Japan and Hong Kong.

The California Consumer Privacy Act (CCPA) is the latest in privacy compliance. Although not as comprehensive as what is provided by the GDPR, there are useful operational overlap that can help with compliance with the CCPA.

Simply following the law is not enough to meet ethical data mining standards. Businesses need to be proactive not just because it’s the right thing to do but also for the enormous business benefits.

Majority of CEOs may severely underestimate the consequences of GDPR non-compliance, and more worrisome are unaware of what had to be done or had been done by their staff to implement compliance measures.

While the legitimate interests ground for processing under the GDPR can be lawfully applied in many cases, a provisional balance should be established by data controllers with more safeguards for the protection of data subjects.

Mobile applications collect a lot of personal data. What are the GDPR considerations for mobile app businesses when laying out the concept and execution of their application?

While privacy by design is not a new concept, the GDPR makes it a legal requirement, and thus practical guidance is needed for putting policy into practice. What are the concepts and requirements in the context of recent guidance published by the EDPS and UK ICO?