PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Cartoon: The Post-GDPR World

Cartoon Post-GDPR World - TeachPrivacy GDPR Training 02 meidum

This is a momentous week.  On Friday, May 25, 2018, the General Data Protection Regulation (GDPR) will begin being enforced. Organizations are racing against the clock to be prepared.  What will the day look like when the sun rises on May 25?

Cartoon: The Four Phases of Developing a GDPR Program

Cartoon Four Phases of GDPR Program - TeachPrivacy GDPR Training

The General Data Protection Regulation (GDPR) has actually been with us for quite a long time (in various forms), but this month is the moment of truth.  On May 25, the GDPR will start being enforced. Here’s a quick timeline of the evolution of the GDPR: October 1995:  Data Protection Directive (95/46/EC) is adopted.  The […]

Why I Love the GDPR: 10 Reasons

GDPR Love 01

I have a confession to make, one that is difficult to fess up to on the US side of the pond: I love the GDPR. There, I said it. . . In the United States, a common refrain about GDPR is that it is unreasonable, unworkable, an insane piece of legislation that doesn’t understand how […]

Cartoon: GDPR Experts

Cartoon GDPR Experts - TeachPrivacy GDPR Training 02 medium

This cartoon makes fun of the fact that these days, there seem to be so many GDPR experts.  There are, indeed, many experts who know a lot about GDPR.  The problem is that there are a lot more “experts” out there who know only a little about GDPR.

Cartoon: GDPR Compliance

Cartoon GDPR Compliance - TeachPrivacy GDPR Training 02 medium

Organizations are racing to get ready for the GDPR implementation date of May 25, 2018.  Complete GDPR compliance in a few months is likely not feasible for many organizations, but this shouldn’t mean that these organizations should give up.  Making a good-faith effort and continuing to strive to improve are quite worthwhile.

GDPR Whiteboard and GDPR Interactive Whiteboard

GDPR Whiteboard - TeachPrivacy GDPR Training

Recently, I created two new GDPR training resources. GDPR Whiteboard I created a 1-page visual summary of the GDPR, which I call the GDPR Whiteboard.  The idea was to capture the key points of the General Data Protection Regulation (GDPR) in a succinct and visually-engaging way.  It has become quite popular, receiving thousands of downloads.  You […]

Cartoon: GDPR Right to Be Forgotten

Cartoon GDPR Right to Be Forgotten - TeachPrivacy GDPR Training

The GDPR Article 17 provides for a right to erasure — commonly known as the “right to be forgotten.”  Data subjects may request that an organization erase their personal data “without undue delay” under a number of circumstances.  These circumstances include when the data is no longer relevant to the purposes of collection, when consent […]

The International Privacy+Security Forum

International Privacy+Security Forum

The International Privacy+Security Forum (February 26-27, 2018 in Washington DC) is next week. The International Forum is a new annual sister event to the Privacy+Security Forum, an annual event held in October at George Washington University in Washington, DC.  The regular Privacy+Security Forum will be in its 4th year in 2018.  This past year, we […]

Cartoon: GDPR’s Scope

Cartoon GDPR Scope

I turned my short GDPR vignette about GDPR’s territorial scope into a cartoon.  The GDPR applies not just to all EU organizations that process personal data.  The GDPR also applies to non-EU established organizations that offer goods and services to EU citizens or that monitor behavior within the EU. The GDPR thus has quite a long […]

GDPR Cartoon: Lawful Processing

Cartoon GDPR Lawful Processing

This cartoon focuses on the lawful processing requirement.  Under the EU’s General Data Protection Regulation G(DPR), the collection and processing of personal data must be for “specified, explicit and legitimate purposes.”   This is in contrast to the United States where the processing of personal information is permitted unless a law forbids it. Under the GDPR, […]