About Consent Management
Consent is at the heart of modern privacy compliance. In this article, we look at how to build robust consent frameworks for laws like GDPR and CCPA.
About Data Subject Requests
Data subject requests and DSARs are core functions in modern privacy ops. In this article, we show how to successfully fulfill these requests in compliance with laws like GDPR and CCPA.
Is This Thing On? Decoding Audacity’s Privacy Update
Changes in the data-collection policy for a hugely popular audio editing app are highlighting old and new tensions in digital trustworthiness, and how open-source software can offer solutions.
Meet The Colorado Privacy Act: An Intro To CPA Compliance
Colorado joins the ranks of California and Virginia in passing comprehensive consumer privacy legislation. Here’s how the latest privacy law stacks up to other frameworks, and what it could teach us about the future of American privacy regulation.
See A Dark Pattern, Defeat A Dark Pattern
I first learned about dark UX patterns when I worked at Blizzard Entertainment, where our UX team fought endlessly to thwart any experiences that could be remotely perceived as dark patterns,
Data Erasure In Distributed Systems
My talk at this year’s Privacy Engineering Practice and Respect (PEPR) conference came on the heels of the Colorado House voting to pass the state’s comprehensive privacy legislation.
Big Tech As Its Own Privacy Regulator, Part 2: For Kids
On policy and product fronts, children’s privacy is taking the national stage. In understanding the market and legal forces at work, a striking vision for general consumer privacy comes into focus.
Implementing Two-Factor Authentication In DSARs And Beyond
Strong password practices are essential for keeping your company’s and users’ data safe, in processing DSARs and in your general business practices. However, passwords are just one part of the equation. For next-level protection, here’s the 411 on 2FA: two-factor authentication.
Your Guide To The May 2021 Ruling On Facebook’s EU-US Data Transfers
The Schrems saga, going eight years strong, is only getting more consequential for data transfers. Here’s a recap of the latest ruling out of Ireland.
What Florida And Washington Are Teaching Us About Privacy Legislation
Last week, two of the most prominent privacy bills in the country died, in large part over a debate about a private right of action. Here’s a rundown of the ongoing disagreement and how it could shape the trajectory of US privacy.