ABC's of Privacy and Security

•

3 gefällt mir•1,024 views

Borrow GAMA's privacy team as your CPO for the evening with a review of compliance with domestic and international privacy and security law. Get your company ready for changes in California in 2014 as well as what may be on the horizon in the privacy and security space.

Business Technologie News & Politik

Personally Identifiable Information (PII)

“Personally identifiable information” is information
that identifies a particular person. “Pii” includes:
!

•
•
•
•
•
•
•
•
•
•
•
•
•

Full name;
National identification number;
IP address;
Vehicle registration plate number;
Driver’s license number;
Face;
Fingerprints;
Handwriting;
Credit card numbers;
Digital identity;
Date of birth;
Birthplace; and
Genetic information.

Sensitive PII
!

•
•
•
•
•
•
•
•

Information on Medical or Health Condition;
Financial Information;
Racial or Ethnic Origin;
Political Opinion;
Religious or Philosophical Beliefs;
Trade Union Membership;
Sexual Preference; and
Information Related to Criminal Offenses or
Convictions.

Digital Data Privacy law is complicated.

Nationwide legislation is industry specific.

General Accepted Privacy Principles
(GAPPs)

General Accepted Privacy Principles
(GAPPs)
!

1. Notice
2. Consent
3. Use, Retention and Disposal
4. Monitoring and Enforcement

California
!

Do Not Track
!

Data Breach Notification
!

No Surprises Approach to Mobile from the AG’s
Office
!

Digital “Eraser” Law for Minors
!
!
!
!
!

privacy law abroad.

international compliance.

Main Principles of the EU-US Safe Harbor
!

1. Notice
2. Choice
3. Onward Transfer
4. Access
5. Security
6. Data Integrity
7. Enforcement

kidz online.

yes, different rules apply.

Children’s Online Privacy Protection Act
!

Requires websites to get parental consent before
collecting or sharing info for children under 13.
!

Enforced by the Federal Trade Commission.
!

Applies to commercial websites and other online
services.
!
!
!

getting prepped

Privacy Management in Seven Steps

Seven Steps for Privacy Management
!

1.
2.
3.
4.
5.
6.
7.

Assess
Plan
Draft
Implement
Disclose
Grow
Rinse & Repeat
!
!
!

!

Seven Steps for Privacy Management
!

Assess
!
!
!
!

Conducting an assessment on privacy and data
security.

Seven Steps for Privacy Management
!

Plan
!
!
!
!

Seven Steps for Privacy Management
!

Draft
!
!
!
!

What Your Privacy Policy Should Say
!
!
!
!

What Your Privacy Policy Should Say
!

How Data is Collected and Stored
!
!

What Your Privacy Policy Should Say
!

Choice & Consent
!
!

What Your Privacy Policy Should Say
!

Data Retention
!
!

What Your Privacy Policy Should Say
!

Redress of Grievances
!
!

What Your Privacy Policy Should Say
!

Mobile Application Disclosure & Disclaimer
!
!

Seven Steps for Privacy Management
!

Implement
!
!
!
!

What Your Team Should Know
!

Where the Privacy Policy is located
!
!

What They Should Know
!

What kind of data you should collect
!
!

What They Should Know
!

How to handle basic customer privacy concerns
!
!

Seven Steps for Privacy Management
!

Disclose
!
!
!
!

Seven Steps for Privacy Management
!

Grow
!
!
!
!

Seven Steps for Privacy Management
!

Rinse & Repeat
!
!
!
!

Avoiding the “Oh, crap.”

General Privacy Tips

Where Trouble Arises
!

Failing to respond to a complaint from the public
!

Where Trouble Arises
!

Don’t over-promise
!

Where Trouble Arises
!

When in doubt, talk to your risk management or
legal teams

Where Trouble Arises
!

Appropriate account access minimizes liability

Where Trouble Arises
!

Use common sense

Lawyer
Christina Gagnier
@gagnier
gagnier@gamallp.com
gamallp.com

Weitere ähnliche Inhalte

Ähnlich wie ABC's of Privacy and Security

CSMFO 2012 Data Privacy in Local Government

Donald E. Hester

ABSTRACT: In this talk, George will demonstrate the extent and power of personal data collected by technology companies. He will explore the potential of personal data to do both good and bad, the dangers of giving up your "digital DNA", and the value these companies extract from this data. Data rights are finally legally recognised. With the combination of GDPR & rising awareness of personal data abuse, we might eventually be able to control our data, or at least understand as much about our digital footprint as profit-driven companies do. AI is only possible because it has data. Imagine your data being used to benefit you, instead of targeting you with gambling adverts. Imagine the potential for next-generation research to understand our society, which can only happen if we break data out from being locked in corporate databases. Data rights are just the start, now we need to use them. BIO: George Punter holds a first class Masters degree from Imperial College London in Electronics & Information Engineering. He co-founded Ethi (ethi.me), a startup that aims to make controlling your personal data easier, and allow users to use their personal data for their own benefit, or for social good. Ethi is currently partnering with a cyber security firm, TurgenSec, to help create next-generation, user-centred security.

AI for humans - the future of your digital self

Speck&Tech

Cybersecurity Seminar March 2015

Lawley Insurance

Presentación del Webinar de nuestra hermana Mind Your Privacy y Cardinal Path En el actual escenario digital, más que nunca los analistas, marketeros y demás profesionales de datos deben conocer los cambios en las normativas nacionales e internacionales así como una serie de principios básicos para respetar la privacidad y la protección de los que sus datos recogen. Digital Marketing meets Privacy

A Global Marketer's Guide to Privacy

FLUZO

GDPR General Awarness for employees and personal data types

AbdullaFatiya3

Cyber Security - NAHU Continuing Education Course

Scott Diehl

Siskinds | Incident Response Plan

Next Dimension Inc.

In a data driven economy, analysts must be concerned with how data is collected, processed and subsequently used to improve online customer experiences, during those moments that matter. Unlocking Value & Controlling Risk by #MindYourPrivacy Does your company adequately manage and control the Data Life Cycle? Are you aware of European Privacy fines? Did the Target security breach that emanated through a 3rd party worry you and make you wonder about where to start?

IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...

FLUZO

Privacy Implications of Biometric Data - Kevin Nevias

Kevin Nevias

Covered Entity Presentation Regarding Business Associates[1]

Spencerallen

Big Data and Big Law at Walmart - StampedeCon 2013

StampedeCon

Hipaa presentation

cjkonsella

On February 19, 2014, the Federal Trade Commission staff hosted a seminar on Mobile Device Tracking. The speakers discussed how retailers and other businesses have been tracking consumers’ movements throughout and around retail stores and other attractions using technologies that identify signals emitted by their mobile devices. While the technologies differ, many work by identifying and collecting the MAC address – which is unique to a particular device – broadcast when a mobile device searches for Wi-Fi networks. Companies can use these technologies to reveal information about consumers including the path taken throughout a location, length of time in one location, whether a visitor is new or returning, and the frequency of visits to a location. According to media reports, major retailers in the United States are using or have tested the technology in their stores in order to gain insights into the behavior of their customers. In most cases, this tracking is invisible to consumers and occurs with no consumer interaction. As a result, the use of these technologies raises a number of potential privacy concerns and questions.

Mobile Device Tracking Seminar

Brian Ahier

Hedna pii is your goldmine a landmine

Evelyne Oreskovich

The Fundamentals of Applying for and Obtaining a Security Clearance

FedEmployeeLaw

IST Presentation

guest1d1ed5

Callcredit's Fraud Summit 2016 - Plenary session

Callcredit123

2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...

Localogy

Grbn trust and personal data survey a call to action

Andrew Cannon

GDPR webinar for business leaders

Deeson

Ähnlich wie ABC's of Privacy and Security (20)

CSMFO 2012 Data Privacy in Local Government

AI for humans - the future of your digital self

Cybersecurity Seminar March 2015

A Global Marketer's Guide to Privacy

GDPR General Awarness for employees and personal data types

Cyber Security - NAHU Continuing Education Course

Siskinds | Incident Response Plan

IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...

Privacy Implications of Biometric Data - Kevin Nevias

Covered Entity Presentation Regarding Business Associates[1]

Big Data and Big Law at Walmart - StampedeCon 2013

Hipaa presentation

Mobile Device Tracking Seminar

Hedna pii is your goldmine a landmine

The Fundamentals of Applying for and Obtaining a Security Clearance

IST Presentation

Callcredit's Fraud Summit 2016 - Plenary session

2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...

Grbn trust and personal data survey a call to action

GDPR webinar for business leaders

Mehr von Christina Gagnier

European Union General Data Protection Regulation (GDPR) Checklist

Christina Gagnier

EU Privacy Shield Self Certification

Christina Gagnier

The United Kingdom Raises Red Flag on Initial Coin Offerings

Christina Gagnier

Regulatory Regime for Cryptocurrencies in Gibraltar

Christina Gagnier

China Bans Initial Coin Offerings, "Illegal Public Financing"

Christina Gagnier

Initial Coin Offerings (ICOs) and Cryptocurrencies in Canada

Christina Gagnier

Conducting an Initial Coin Offering: Costs and Considerations

Christina Gagnier

On July 25, 2017, the United States Securities and Exchange Commission (SEC) issued an investigative report regarding the sales of digital assets by virtual organizations through offers and sales that have come to be known as “Initial Coin Offerings” and “Token Sales.” In Release No. 81207, “Report of Investigation Pursuant to Section 21(a) of the Securities and Exchange Commission Act of 1934: The DAO,” the SEC gives its first guidance as to whether or not it may view initial coin offerings and token sales as a security offering. The following provides a brief overview of the SEC’s report.

SEC Update: Virtual Organizations and the SEC - July 2017

Christina Gagnier

Our firm has prepared an overview of the prospective European Union – United States Privacy Shield program. As of today’s date, this program has yet to go into effect. Original projections had this program slated to begin in Summer 2016, as detailed below, but the Privacy Shield was formally adopted as of July 11, 2016. As our firm receives further information about the approval and implementation of this program, our firm is ready to work with your company to execute the proper procedures for compliance.

Guide to Prospective European Union - United States Privacy Shield Program

Christina Gagnier

European Union Privacy Law - General Data Protection Regulation Checklist

Christina Gagnier

Revenge Pornography: Legal and Policy Issues - Computers, Data & Privacy Prot...

Christina Gagnier

Student Privacy Rights: In and Out of the Classroom

Christina Gagnier

Gender Issues: Creating a Safe Environment for All Students

Christina Gagnier

Starting a Business: The Legal Details

Christina Gagnier

The move by many schools to adopt cloud-based data storage and data analytics solutions is unsurprising, since schools can generate significant pedagogical value through use of these technologies. With these rewards come broad risks associated with legal and regulatory data privacy compliance. Given the slew of recent retail industry data breaches making national headlines, the risks of data collection and storage are immediately apparent. With data privacy on everyone’s mind, there has never been a better time for school administrators to fully evaluate and address their student data privacy policies.

GAMABrief: When Education Meets Big Data

Christina Gagnier

Technology in the classroom is nothing new, but with the rise of smartphones, smart boards and tablet computing, the way teachers and students use and engage with media continues to grow and evolve. Any time educational content is used, shared or created, whether by teachers or by students, IP laws and, specifically, copyright laws, are implicated. Administrators, teachers and students must all be aware of what activity is freely permissible under U.S. Copyright Law, and what sort of activities might run afoul of the law.

GAMABrief: What Every School Needs to Know About Copyright Law

Christina Gagnier

GAMAByte: The Legal Ramifications of Going 3D (Printing, That is)

Christina Gagnier

Tax season is just around the corner and changes to the capital gains tax rates will affect taxpayers filing their returns at the beginning of 2014. If you sold capital assets during 2013, you might be subject to the increased rates. This brief provides important information on preparing for the capital gains tax hike. Capital gains tax is the tax on capital asset profits—the profit made from selling an item bought for personal investment. On January 1, 2013, the government passed the American Taxpayer Relief Act of 2012 (ATRA). The ATRA added a top federal income bracket of 39.6% and increased the long-term capital gains tax rate to 20% starting in the 2013 tax year.

GAMABrief: Preparing for the Capital Gains Tax Hike

Christina Gagnier

Privacy Identity Innovation 2013: Ignite Talk Slides - Content. Conduct. Cont...

Christina Gagnier

Revenge Porn: Posting Images Without Consent

Christina Gagnier

Mehr von Christina Gagnier (20)

European Union General Data Protection Regulation (GDPR) Checklist

EU Privacy Shield Self Certification

The United Kingdom Raises Red Flag on Initial Coin Offerings

Regulatory Regime for Cryptocurrencies in Gibraltar

China Bans Initial Coin Offerings, "Illegal Public Financing"

Initial Coin Offerings (ICOs) and Cryptocurrencies in Canada

Conducting an Initial Coin Offering: Costs and Considerations

SEC Update: Virtual Organizations and the SEC - July 2017

Guide to Prospective European Union - United States Privacy Shield Program

European Union Privacy Law - General Data Protection Regulation Checklist

Revenge Pornography: Legal and Policy Issues - Computers, Data & Privacy Prot...

Student Privacy Rights: In and Out of the Classroom

Gender Issues: Creating a Safe Environment for All Students

Starting a Business: The Legal Details

GAMABrief: When Education Meets Big Data

GAMABrief: What Every School Needs to Know About Copyright Law

GAMAByte: The Legal Ramifications of Going 3D (Printing, That is)

GAMABrief: Preparing for the Capital Gains Tax Hike

Privacy Identity Innovation 2013: Ignite Talk Slides - Content. Conduct. Cont...

Revenge Porn: Posting Images Without Consent

Kürzlich hochgeladen

CROSS CULTURAL NEGOTIATION BY PANMISEM NS

panmisemningshen123

ABORTION KIT [(WhatsApp +27737758557 ₩ ௹# Termination of Pregnancy/ +27737758557 Abortion Pi.lls For Sale In WELKOM,Illovo Beach, Phalaborwa,MargatePrice of Misoprostol, Cytotec” +27737758557 SAFE ABORTION PILLS IN Roodepoort,Benoni, Boxburg, Brapan, Carletonville, Germiston, Johannesburg, Krugersdorp, Pretoria, Randburg, Randfontein, Roodepoort, Soweto, Springs, Vanderbijlpark, Vereeniging, Tembisa, Kempton Park, Centurion, Sandton, Sandton, Alexandretta, MIDRAND, MIDSIDAFIDARANANDINVILLE, MIDRAND VILLE , Midsideifidarandinville . . Magaliesburg, Alberton, Heidelberg, Nigel, Edenvale, Ivory Park, Bronkhorstspruit, Westonaria, Sharpeville, Lenasia, Soshanguve, Bophelong, Refilwe, Ratanda, Duduza, Vosloorus, Boipatong, Irene, Meyezafour, Thousands, Thovenko, Olympia. -Rankuwa, Katlehong, Diepsloot, Hillbrow, Rivonia, Tsakane, Bekkersdal, Isando, Kagiso, Khutsong, KwMon Apr 15 2024 22:50:02 GMT+0200 (South Africa Standard Time) ABORTION KIT [(WhatsApp +27737758557 ₩ ௹# Termination of Pregnancy/ +27737758557 Abortion Pills For Sale In Ohrigstad,Zastron, Biggarsberg,MoteongPrice of Misoprostol, Cytotec” +27737758557 SAFE ABORTION PILLS IN Roodepoort,Benoni, Boxburg, Brapan, Carletonville, Germiston, Johannesburg, Krugersdorp, Pretoria, Randburg, Randfontein, Roodepoort, Soweto, Springs, Vanderbijlpark, Vereeniging, Tembisa, Kempton Park, Centurion, Sandton, Sandton, Alexandretta, MIDRAND, MIDSIDAFIDARANANDINVILLE, MIDRAND VILLE , Midsideifidarandinville . . Magaliesburg, Alberton, Heidelberg, Nigel, Edenvale, Ivory Park, Bronkhorstspruit, Westonaria, Sharpeville, Lenasia, Soshanguve, Bophelong, Refilwe, Ratanda, Duduza, Vosloorus, Boipatong, Irene, Meyezafour, Thousands, Thovenko, Olympia. -Rankuwa, Katlehong, Diepsloot, Hillbrow, Rivonia, Tsakane, Bekkersdal, Isando, Kagiso, Khutsong, Kwa-Thema, Daveyton, Hammanskraal, Gauteng, Emalahleni, Nelspruit, Secunda, Middelburg, Standerton, LesMon Apr 15 2024 22:51:10 GMT+0200 (South Africa Standard Time) IN Vryburg/Witbank [[[[WhatsApp ((( ( +27737758557 )) *____**)) ABORTION PILLS FOR SALE IN Witbank/Vryburg KEMPTON PARK, GAUTENG JOHANNESBURG CBD. ABU DHABI, ABORTION PILLS FOR SALE Vryburg/Witbank WhatsApp ((( +27737758557 )) Mon Apr 15 2024 22:51:10 GMT+0200 (South Africa Standard Time) IN Vryburg/Witbank [[[[WhatsApp ((( +27737758557 ) *____**)) ABORTION PILLS FOR SALE IN Witbank/Vryburg KEMPTON PARK, GAUTENG JOHANNESBURG CBD. ABU DHABI, ABORTION PILLS FOR SALE Vryburg/Witbank WhatsApp ((( (+27) +27737758557 ))Mon Apr 15 2024 22:51:10 GMT+0200 (South Africa Standard Time) IN Vryburg/Witbank [[[[WhatsApp ((( +27737758557 ))) *____**)) ABORTION PILLS FOR SALE IN Witbank/Vryburg KEMPTON PARK, GAUTENG JOHANNESBURG CBD. ABU DHABI, ABORTION PILLS FOR SALE Vryburg/Witbank WhatsApp ((( +27737758557 ))vlieton, Kinross. , Evander, Kriel, Mpumalanga, Durban, Empangeni, Ladysmith, Newcastle, Pietermaritzburg, Pinetown, Ulundi, Umlazi, Port Shepstone, Dundee , Richards Bay, Kwazulu-Natal, Giyani,

Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...

daisycvs

PARK STREET CALL WATTSAPP 98274,61493 THE MOST BEAUTIFUL INDEPENDENT ESCORT CALL GIRL SERVICE Kolkata WE ARE PROVIDING GENUINE CALL GIRL SERVICE I AM A a NATURAL BRUNETTES, SLIM BODY, NATURAL LONG HAIR AND ALL TYPE OF HAIR IS A NATURAL BRUNETTE IN THE MOST BEAUTIFUL INDEPENDENT ESCORT GIRL I AM A NATURAL BRUNETTE WITH ROOM AND HOTEL AND A NATURAL BRUNETTE WITH A BODY MADE FOR SIN AND ALL TYPE OF ME ALL THE TIME I SEND YOU A HAIR, VERY SOCIABLE AND FUNNY, READY TO ENTERTAIN TO ENTERTAIN U AND MAKE FORGET ABOUT TO GET ENTERTAIN U AND MAKE FORGET ABOUT ALL THE PROBLEMS. LET'S HAVE A WONDERFUL TIME TOGETHER AND FORGET ABOUT EVERYTHING ALL TYPE SERVICE ENJOYMENT SAFE AND SECURE IN CALL OUT CALL HOME AND HOTEL ANYTIME AVAILABLE AND ALL TYPE SERVICE ENJOYMENT

PARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book now

kapoorjyoti4444

Mckinsey foundation level Handbook for Viewing

Nauman Safdar

Pre Engineered Building Manufacturers Hyderabad.pptx

Roofing Contractor

Falcon Invoice Discounting: Empowering Your Business Growth

Falcon investment

Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...

ssuserf63bd7

QSM Chap 10 Service Culture in Tourism and Hospitality Industry.pptx

DitasDelaCruz

SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months

IndeedSEO

JAJPUR CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN JAJPUR ESCORTS

kajalroy875762

Cannabis Legalization World Map: 2024 Updated

CannaBusinessPlans

Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING

pr788182

Kalyan Call Girl 98350*37198 Call Girls in Escort service book now

ranineha57744

Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAI

Tim Wilson

Ooty Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Avail...

pujan9679

Marel Q1 2024 Investor Presentation from May 8, 2024

Marel

Paradip CALL GIRL IN70918 19311 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL IN We are Providing :- ● – Private independent collage Going girls . ● – independent Models . ● – House Wife’s . ● – Private Independent House Wife’s ● – Corporate M.N.C Working Profiles . ● – Call Center Girls . ● – Live Band Girls . ●- Foreigners & Many More . Service type: 1.In call 2.out call 3. full Lip to Lip kiss 4.69 5.b-job without Condom 6. Hard Core sex & Much More. 7 Body to Body Touch 8 Kissing 9 Sucking Boobs and More 10 Enjoy by Hand 11 Relax By Oral 12 Sex with Happy Ending • In Call and Out Call Service • 3* 5* 7* Hotels Service • 24 Hours Available • Indian, Russian, Punjabi, Kashmiri Escorts • Real Models, College Girls, House Wife, Also Available • Short Time and Full Time Service Available • Hygienic Full AC Neat and Clean Rooms Avail. In Hotel 24 hours • Daily Escorts Staff Available • Minimum to Maximum Range Available.c al

Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING

pr788182

HomeRoots Pitch Deck | Investor Insights | April 2024

Hector Del Castillo, CPM, CPMM

Arti Languages Pre Seed Teaser Deck 2024.pdf

will854175

Phases of Negotiation .pptx

nandhinijagan9867

Kürzlich hochgeladen (20)

CROSS CULTURAL NEGOTIATION BY PANMISEM NS

Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...

PARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book now

Mckinsey foundation level Handbook for Viewing

Pre Engineered Building Manufacturers Hyderabad.pptx

Falcon Invoice Discounting: Empowering Your Business Growth

Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...

QSM Chap 10 Service Culture in Tourism and Hospitality Industry.pptx

SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months

JAJPUR CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN JAJPUR ESCORTS

Cannabis Legalization World Map: 2024 Updated

Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING

Kalyan Call Girl 98350*37198 Call Girls in Escort service book now

Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAI

Ooty Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Avail...

Marel Q1 2024 Investor Presentation from May 8, 2024

Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING

HomeRoots Pitch Deck | Investor Insights | April 2024

Arti Languages Pre Seed Teaser Deck 2024.pdf

Phases of Negotiation .pptx

ABC's of Privacy and Security

1. THE ABC’s of PRIVACY & SECURITY

2. Disclaimer Lawyers

3. what is privacy?

6. Personally Identifiable Information (PII)

7. “Personally identifiable information” is information that identifies a particular person. “Pii” includes: ! • • • • • • • • • • • • • Full name; National identification number; IP address; Vehicle registration plate number; Driver’s license number; Face; Fingerprints; Handwriting; Credit card numbers; Digital identity; Date of birth; Birthplace; and Genetic information.

8. Sensitive PII ! • • • • • • • • Information on Medical or Health Condition; Financial Information; Racial or Ethnic Origin; Political Opinion; Religious or Philosophical Beliefs; Trade Union Membership; Sexual Preference; and Information Related to Criminal Offenses or Convictions.

9. Digital Data Privacy law is complicated.

10. Nationwide legislation is industry specific.

11. General Accepted Privacy Principles (GAPPs)

12. General Accepted Privacy Principles (GAPPs) ! 1. Notice 2. Consent 3. Use, Retention and Disposal 4. Monitoring and Enforcement

13. California ! Do Not Track ! Data Breach Notification ! No Surprises Approach to Mobile from the AG’s Office ! Digital “Eraser” Law for Minors ! ! ! ! !

14. privacy law abroad. international compliance.

15. Main Principles of the EU-US Safe Harbor ! 1. Notice 2. Choice 3. Onward Transfer 4. Access 5. Security 6. Data Integrity 7. Enforcement

16. kidz online. yes, different rules apply.

17. Children’s Online Privacy Protection Act ! Requires websites to get parental consent before collecting or sharing info for children under 13. ! Enforced by the Federal Trade Commission. ! Applies to commercial websites and other online services. ! ! !

18. getting prepped Privacy Management in Seven Steps

19. Seven Steps for Privacy Management ! 1. 2. 3. 4. 5. 6. 7. Assess Plan Draft Implement Disclose Grow Rinse & Repeat ! ! ! !

20. Seven Steps for Privacy Management ! Assess ! ! ! !

21. Conducting an assessment on privacy and data security.

22. type Audit: amount use intake

23. Seven Steps for Privacy Management ! Plan ! ! ! !

24. Seven Steps for Privacy Management ! Draft ! ! ! !

25. What Your Privacy Policy Should Say ! ! ! !

26. What Your Privacy Policy Should Say ! How Data is Collected and Stored ! !

27. What Your Privacy Policy Should Say ! Choice & Consent ! !

28. What Your Privacy Policy Should Say ! Data Retention ! !

29. What Your Privacy Policy Should Say ! Redress of Grievances ! !