Organizations leveraging email marketing that includes tracking pixels should be paying attention to a new wave of class action lawsuits that may impact their marketing practices. The new class actions are similar to the Meta pixel cases we have seen filed...
REGULATORY COMPLIANCE
Privacy and Security Implications of Tracking Technologies
Though they may not be as old as your grandma’s chocolate chip cookie recipe, web cookies have been around since the internet exploded in popularity in the early 90’s and have played an understated role in improving the browsing experience of countless users on the...
Decoding Conversions API and Privacy Implications
Authored by: Gianna Jiang, Privacy Engineering ConsultantIn a world driven by technology, where ads seem to follow you around the internet, have you ever wondered how it all works? Buckle up, because we're about to uncover the new secret sauce of targeted advertising...
Managing downstream risks of ‘do not sell’ fulfillment
Authored by: Camille Ley, Senior Privacy Consultant and Lindsay Farbent, Privacy ConsultantIf you are like many businesses that have implemented solutions to honor consumer do not sell/share requests in accordance with U.S. state privacy laws, you have likely placed a...
Next time you do a Risk Assessment or Analysis, make sure you have Risk Intelligence on board
I was prompted to write this quick post this morning when I read this article. I think it is a good example of what some (actually many, in my experience) …
SCCs under Scrutiny: Transfer Strategies for US Companies Contracting with EU Service Providers
For many US-based multinational organizations, EU-approved Standard Contractual Clauses (“SCCs”) have long represented a relatively straightforward solution for the compliant transfer of personal data of EU residents to the organizations’ …
Practical Solutions to CCPA Challenges for Pharmaceutical and Life Science Organizations
The California Consumer Privacy Act (“CCPA”) becomes effective in less than a year. That means that for businesses in highly regulated sectors such as pharmaceuticals and life sciences, now is …
Hello PCI SSC… Can we rethink?
This is a detailed follow-up to the quick post I wrote the Friday before the Labor Day weekend, based on my read at the time of the PCI SSC’s Special Interest Group …
Hello PCI SSC…
Hello PCI SSC, You had me on board until I saw this statement in your guidance1 released yesterday. “However, using risk as the basis for an organization’s information security program …