PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Cartoon on Data Breach

Cartoon Data Security Breach 02 small

This cartoon is about evolution of data breaches, which began to grab headlines back in 2005, thanks in large part to California’s data breach notification law — the first of such laws.  Since that time, every state has passed breach notification laws, and there are breach notification laws sprouting up around the world.  Every day, we hear of more and more data breaches . . . and they are getting larger and larger.

Continue Reading

Cartoon: Data Subject Access Requests Under the CCPA and GDPR

Cartoon Data Subject Access Requests (DSARs) - TeachPrivacy CCPA Training 02

This cartoon is about data subject access requests (DSARs) — sometimes called “subject access requests” (SARs).  The GDPR Article 15 provides for DSARs.  The new California Consumer Privacy Act (CCPA) provides individuals with a right to learn about the personal data collected and shared about them over the past 12 months.

For more background about DSARs, see this great guide to DSARs by WireWheel.

Continue Reading

Cartoon: Data Minimization

Cartoon Data Minimization - TeachPrivacy Privacy Awareness Training 02 small

This privacy cartoon is about data minimization, a principle embodied in many privacy laws.  Under the data minimization principle, organizations are to collect, process, or share only the minimum necessary personal data to achieve their purpose.  There’s a lot of hat tipping to data minimization, but this principle is often not followed enough.  Far too often, personal data is collected without any particular purpose in mind and far too much is shared than necessary.

Continue Reading

Cartoon: The CCPA, a Federal Comprehensive Privacy Law, and Preemption

Cartoon CCPA Preemption - TeachPrivacy CCPA Training 02 small

For years, many policymakers, industry representatives, and commentators were opposed to a comprehensive federal privacy law.  They typical federalism arguments were often trotted out. Then, in 2018, California passed the California Consumer Privacy Act (CCPA). Now, there seems to be a chorus for a comprehensive federal privacy law with preemption.  I’ll be posting soon about my thoughts on a federal law and on preemption.

Continue Reading

Cartoon: Data Breach Notification

Cartoon Data Beach Notification - TeachPrivacy Security Awareness Training 02 small

This cartoon is about data breach notification.  All 50 states plus the District of Columbia and Puerto Rico now have data breach notification laws, and breach notification laws are spreading around the globe.  And, as is often said in data security, it’s not whether a breach will happen, but when . . .

Continue Reading