Posts containing Cartoons by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
Organizations are racing to get ready for the GDPR implementation date of May 25, 2018. Complete GDPR compliance in a few months is likely not feasible for many organizations, but this shouldn’t mean that these organizations should give up. Making a good-faith effort and continuing to strive to improve are quite worthwhile.
The GDPR Article 17 provides for a right to erasure — commonly known as the “right to be forgotten.” Data subjects may request that an organization erase their personal data “without undue delay” under a number of circumstances. These circumstances include when the data is no longer relevant to the purposes of collection, when consent […]
I turned my short GDPR vignette about GDPR’s territorial scope into a cartoon. The GDPR applies not just to all EU organizations that process personal data. The GDPR also applies to non-EU established organizations that offer goods and services to EU citizens or that monitor behavior within the EU. The GDPR thus has quite a long […]
This cartoon focuses on the lawful processing requirement. Under the EU’s General Data Protection Regulation G(DPR), the collection and processing of personal data must be for “specified, explicit and legitimate purposes.” This is in contrast to the United States where the processing of personal information is permitted unless a law forbids it. Under the GDPR, […]
This cartoon depicts the challenges of complying with GDPR’s requirements for vendor management. Under the GDPR, there are serious responsibilities when using a vendor to process personal data. Broadly, there are three things that data controllers must do: 1. Data controllers must perform due diligence in selecting vendors and that are complaint with GDPR. […]
Here’s a cartoon I created about Big Data and information gathering that I haven’t yet posted. Hope you enjoy it!
My cartoon on why notice and choice is often not enough.
The General Data Protection Regulation (GDPR) will go into effect on May 25, 2018. The GDPR strengthens privacy protections in the EU and includes a number of additional rights and responsibilities.
This cartoon depicts the potential future of the Internet of Things. As more and more devices are connected to the Internet, including ones implanted in people’s bodies, increasing thought must be given to the privacy and security implications. The speed of technological development is moving at a far greater pace than the speed of policy […]