PRIVACY + SECURITY BLOG

News, Developments, and Insights

Cartoon: GDPR Lawful Basis

Cartoon GDPR Lawful Basis - TeachPrivacy GDPR Training

This cartoon is about the GDPR’s lawful basis requirement to process personal data. One of the biggest differences between U.S. and EU privacy law is that in the U.S., organizations can collect and use personal data in nearly any way they choose as long as they state what they are doing in their privacy notice […]

Read More…

Cartoon: Multi-Jurisdictional Privacy Law Compliance

Cartoon Multi-Jurisdictional Privacy Law Compliance Poodle - TeachPrivacy CCPA Training 02 small

This cartoon depicts the challenges of multi-jurisdictional privacy law compliance. In 2018, organizations scrambled to comply with the GDPR.  In 2019, businesses are scrambling to comply with the California Consumer Privacy Act (CCPA).  And, there will be a new referendum on privacy law in California next year — CCPA 2.0.  There’s a flurry of legislative […]

Read More…

Cartoon: Cookies and the GDPR

Cartoon Cookies and the GDPR

This cartoon depicts how, after the GDPR, countless websites have cookie notices and require agreeing to accept cookies.  I find these cookie notices to be form over substance.  These notices are virtually meaningless and don’t help consumers. They are a nuisance.  They give privacy a bad name because people start to think that privacy is […]

Read More…

Cartoon: Data Subject Access Requests Under the CCPA and GDPR

Cartoon Data Subject Access Requests (DSARs) - TeachPrivacy CCPA Training 02

This cartoon is about data subject access requests (DSARs) — sometimes called “subject access requests” (SARs).  The GDPR Article 15 provides for DSARs.  The new California Consumer Privacy Act (CCPA) provides individuals with a right to learn about the personal data collected and shared about them over the past 12 months. For more background about […]

Read More…

Cartoon: GDPR Data Portability

Cartoon GDPR Data Portability Santa - TeachPrivacy GDPR Training 02 medium

This cartoon is about the GDPR’s right to data portability under Article 20.  This right allows data subjects to take their data from one organization and transfer it easily to other organizations. Pursuant to the GDPR Article 20: 1. The data subject shall have the right to receive the personal data concerning him or her, […]

Read More…