TrustArc Blog

Data Inventory and Mapping to Support Privacy Compliance

July 17, 2019

Data Inventory and Mapping to Support Privacy Compliance

One of the most important steps to design and build a data privacy program is to create an inventory of all of the personal data processing activities within your company. If you don’t know the type of data you collect and how it’s shared, processed and stored, it is difficult to know if you are meeting the privacy requirements that impact your business. Without this information, it is also difficult to know where data resides in order to be able to respond to situations where individuals exercise their personal data rights, for example, data subject access requests (DSAR). And as … Continue reading Data Inventory and Mapping to Support Privacy Compliance

TrustArc Continues Mission to Automate and Simplify Privacy Management with New Growth Investment

July 10, 2019

TrustArc Continues Mission to Automate and Simplify Privacy Management with New Growth Investment

By Chris Babel Two years ago we announced we were re-branding our company to TrustArc, to reflect our transformation into a comprehensive provider of technology solutions to automate and simplify privacy management. Over the past two years, we have continuously enhanced our Privacy Technology Platform to help manage GDPR, CCPA, LGPD and other compliance requirements.  Recent additions have been the Dashboard – a centralized location to manage privacy program KPIs; and the Privacy Profile – a streamlined resource to identify and manage the laws and regulations applicable to your organization.  Both of these solutions are powered by the TrustArc Intelligence … Continue reading TrustArc Continues Mission to Automate and Simplify Privacy Management with New Growth Investment

UK ICO and French CNIL Increase Activity Around Cookies and Consent Practices

July 09, 2019

UK ICO and French CNIL Increase Activity Around Cookies and Consent Practices

Perhaps the only thing higher than temperatures this summer in the European Union is the level of regulatory attention being paid to data-driven advertising and website cookie practices (including similar tracking technologies within mobile applications and other non-browser environments, collectively referred to here as “cookies”). This TrustArc blog post summarizes the major announcements and publications regulators have issued over the last few weeks, including what is expected to follow–and how TrustArc helps. UK ICO Report on Ad Tech, RTB and Privacy. First, the United Kingdom’s Information Commissioner’s Office (ICO) released on June 20th an “Update Report Into Adtech and Real … Continue reading UK ICO and French CNIL Increase Activity Around Cookies and Consent Practices

A Digestible Action Plan for Startups’ Cybersecurity Success

July 05, 2019

A Digestible Action Plan for Startups’ Cybersecurity Success

It’s never too early for a start-up business to begin to strategize and operationalize its cybersecurity goals–in fact, it’s a necessary prerequisite for high-yield growth. And yet, with all the high velocity activity and rapid decision-making that characterizes most startups’ early existence, it can be easy to overlook some of the critical prophylactic steps that must be taken to safeguard a nascent company’s value potential. The importance of this cannot be overstated, given that the harm to a startup’s reputation and brand name can be existential if proper controls are not in place. A recent Forbes CommunityVoice article by start-up founder Isaac … Continue reading A Digestible Action Plan for Startups’ Cybersecurity Success

Thailand’s Personal Data Protection Act (PDPA) Comes into Effect

July 02, 2019

Thailand’s Personal Data Protection Act (PDPA) Comes into Effect

After publication in the Royal Thai Government Gazette on May 27, 2019, Thailand’s Personal Data Protection Act B.E. 2562 (2019) (PDPA) came into effect on May 28, 2019. The PDPA is Thailand’s first comprehensive law governing data protection. The key operative provisions of the PDPA relating to the collection, use or disclosure of personal data will come into force on May 28, 2020. Some of the significant restrictions on the collection and use of personal data are the following: Data controllers must obtain consent from data subjects before they can process their data (subject to certain exceptions, such as where … Continue reading Thailand’s Personal Data Protection Act (PDPA) Comes into Effect

California Assembly Passes Smart Speaker Privacy Rules

July 01, 2019

California Assembly Passes Smart Speaker Privacy Rules

On May 28th, by a 42-6 bipartisan vote, California’s state Assembly passed a bill to impose rules on manufacturers of Internet-connected devices sold in California that offer voice recognition features. The bill defines “voice recognition feature” as the function of a connected device that allows the “collection, recording, storage, analysis, transmission, interpretation or other use of spoken words or sounds,” except where voice commands are not recorded or transmitted beyond the device. The proposed amendment to Chapter 35 of the state’s Business and Professions Code–which already imposes similar rules on connected televisions–would firstly prohibit the operation of any connected device’s voice recognition … Continue reading California Assembly Passes Smart Speaker Privacy Rules