TrustArc Blog

TrustArc GDPR Research, Part 3: Companies Are Most Compliant on Customer-Facing Issues, Such as Cookie Consent

July 19, 2018

In our July 16th blog post we reported on our survey of 600 US, UK and other EU respondents, advising that the companies cited meeting customer expectations as a more important motivation to becoming GDPR compliant than avoiding fines or lawsuits. In line with the goal of meeting customer expectations, respondents reported being most compliant with updating policies and procedures (27%) and cookie consent management (25%) and furthest behind with respect to international data transfer mechanisms (16%) and vendor risk management (13%). The overwhelming majority (87%) of respondents needed 3rd party help with their GDPR projects – the most external help needed … Continue reading TrustArc GDPR Research, Part 3: Companies Are Most Compliant on Customer-Facing Issues, Such as Cookie Consent

Why You Should Get Started on CCPA Compliance Now

July 17, 2018

The California Consumer Privacy Act of 2018 (AB 375) was passed on June 28th, 2018 (“CCPA”). Similar to the GDPR, the CCPA will require companies in scope to enhance their data management practices, expand their individual rights processes, and update their privacy policies by the January 1, 2020 deadline. Those who have helped their companies prepare for the GDPR compliance date know the importance and benefit of starting early. While they may have a head start, creating processes to manage these new and ongoing compliance obligations under the CCPA will be a large undertaking for any company in scope. There … Continue reading Why You Should Get Started on CCPA Compliance Now

TrustArc GDPR Research, Part 2: Top Reason for Investing in GDPR Compliance Was Meeting Customer Expectations

July 16, 2018

In our July 12th blog post we shared the compliance status of 600 US, UK and other EU respondents. We also reported that 68% of the respondents have spent more than six figures already on GDPR compliance and that 67% expect to spend an additional six figures by the end of 2018. The research showed us that becoming GDPR compliant is an expensive endeavor. But did the 600 companies surveyed devote those large GDPR budgets due to the fear of heavy GDPR regulatory fines and litigation costs?  Key findings from the research show that not to be the case. For the US, … Continue reading TrustArc GDPR Research, Part 2: Top Reason for Investing in GDPR Compliance Was Meeting Customer Expectations

TrustArc GDPR Research: 74% of Companies Expect to be GDPR Compliant by the End of 2018

July 13, 2018

The May 25, 2018 EU General Data Protection Regulation (GDPR) compliance deadline has passed and the question on everyone’s minds is – how did we do? To help answer that question, TrustArc surveyed 600 IT and legal professionals in the U.S., UK and EU companies one month after the May 25 deadline. For all respondents, privacy represented at least 25% of their job.  The participating companies included a mix of small, mid-sized and large companies, from all major industry sectors, including technology, manufacturing, retail and financial services. In a press release announcing the release of the research report, Chris Babel, … Continue reading TrustArc GDPR Research: 74% of Companies Expect to be GDPR Compliant by the End of 2018

Managing Consent and Legitimate Interests Under the GDPR – Webinar Recap

July 10, 2018

As part of the TrustArc Privacy Insight Series Webinars, Ray Everett, Principal Consultant and Director of EMEA/Global Consulting at TrustArc, presented “Managing Consent and Legitimate Interests Under the GDPR.”  This blog post will give a brief summary of that webinar; you can listen to the entire webinar and download the slides here.  In this webinar, Ray discussed determining lawful basis for processing, looking at legitimate interest, approaches to consent, and demonstrating and maintaining compliance. Ray examined the three most common applicable bases for processing, which are: consent, performance of a contract, and legitimate interests pursued by the controller or by … Continue reading Managing Consent and Legitimate Interests Under the GDPR – Webinar Recap

July Event Spotlight: Privacy Laws & Business Conference, IAPP Asia Privacy Forum and TrustArc Privacy Insight Series Webinar!

July 02, 2018

  Privacy Laws & Business Conference – Navigating GDPR: The Art of the Possible July 2 – 4 Cambridge, UK Navigating through rough water takes skill and experience. The GDPR is a long and complex mix of principles and practical steps making it a challenge for everyone. This year’s conference theme is the art of the possible reflecting a realistic assessment of the task ahead.  The Privacy Laws & Business Conference is an opportunity to enjoy a unique friendly summer school atmosphere, while mingling with a group of Data Protection Commissioners, privacy managers, specialist lawyers and academics from many countries. … Continue reading July Event Spotlight: Privacy Laws & Business Conference, IAPP Asia Privacy Forum and TrustArc Privacy Insight Series Webinar!