SPOKES Privacy Technology Conference Fall 2021

Watch Now

Featured Insight

The DSAR Guide:

Overview of Data Subject Access Requests

What Behavioral Economics Can Teach Privacy Officers
What Behavioral Economics Can Teach Privacy Officers

A common refrain heard at WireWheel from its customers is the challenge privacy officers have socializing privacy risk and embedding it into organizational processes. Privacy risks, while opaque and obscure to many people, are quite tangible to an organization...

Practical Steps to Implementing Privacy Engineering
Practical Steps to Implementing Privacy Engineering

A central remit of privacy-by-design is to dive deeper into the tools, methodologies, and techniques that ensure that your company can integrate privacy into its design processes and workflows. It is a rapidly growing field that is often called privacy engineering....

“Explainability” for AI and ML
“Explainability” for AI and ML

How to Implement “Explainability” in Emerging Global AI/ML Regulations    Explainability is defined in various ways but is at its core about the translation of technical concepts and decision outputs into intelligible, comprehensible formats suitable for...

Digital Advertising and the Global Privacy Patchwork
Digital Advertising and the Global Privacy Patchwork

“The global privacy patchwork has created significant challenges for participants that work with the digital advertising industry," says Michael Hahn, SVP and General Counsel from IAB Tech Lab. “We work with multiple partners, the technology is complicated, and the...

Privacy Operations in Practice
Privacy Operations in Practice

Of particular interest to me right now – in a program with an early level of maturity – is the challenge socializing privacy substantively among business counterparts who are engaging with the data more directly, as well as socialization of privacy at the leadership...

Privacy in the Metaverse
Privacy in the Metaverse

It's inevitable that the metaverse will be the number one social network in the world. — Michael Gord, Metaverse Group Co-Founder “It wasn't that long ago that the metaverse concept didn't exist outside of science fiction books,” says WireWheel CPO Rick Buck. “The...

Third-Party Risk is Everywhere
Third-Party Risk is Everywhere

Brainstorming Solutions to Supplier Management Everybody has a process in place to demonstrate that you [the vendor] can be trusted to perform services for your client. This means a lot of paperwork and sometimes a lot of redundancy for suppliers.  All of this takes...

Privacy Law Update: December 20, 2021
Privacy Law Update: December 20, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates Digital Markets Act: Parliament ready to start negotiations with...

Finally Solving for Schrems II?
Finally Solving for Schrems II?

A conversation with the European Commission’s Bruno Gencarelli The world of data flows is a diversified world that doesn't stop at the transatlantic dimension, although that is, of course, a core component of that issue.  A successful arrangement to the privacy shield...

Cross-Border Data Transfers: A Conversation
Cross-Border Data Transfers: A Conversation

On November 11, 2021, in response to the uncertainty following Schrems II invalidation of the EU-US Privacy Shield, the European Data Protection Board (EDPB) issued long-awaited guidance on complying with GDPR requirements for the transfer of personal data from the EU...

Privacy Law Update: December 6, 2021
Privacy Law Update: December 6, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates EDPB Discusses Data Transfer Guidance Considerations, Key Points...

Rise of the Privacy Operations Leader
Rise of the Privacy Operations Leader

In the early years of privacy legislation, the focus was on legal interpretation and high-level understanding. What do the principles mean? How do you reconcile the European-style data protection regime, the US, and others? Naturally, the general counsel's office and...

Privacy Law Update: November 22, 2021
Privacy Law Update: November 22, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates Dispatch From Brussels: Some Clarification For EU Data Transfers...

Six Tips for Complying with PIPL
Six Tips for Complying with PIPL

The Personal Information Protection Law (PIPL) passed by the People's Republic of China on 21 August and effective November 1, 2021, is not the GDPR.[1] While it shares some familiar grammar with the General Data Protection Regulation, its underlying precept is of a...

Privacy Law Update: November 15, 2021
Privacy Law Update: November 15, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates UK Supreme Court Overturns Court of Appeal to Disallow Google...

Privacy Law Update: November 8, 2021
Privacy Law Update: November 8, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates Why it is unlikely the announced supplemental SCCs will...

Privacy Law Update: November 1, 2021
Privacy Law Update: November 1, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates G-7 Trade Ministers agree on digital trade principles During a...

Data Privacy Laws in 2022: What You Need to Know
Data Privacy Laws in 2022: What You Need to Know

Written by Rick Buck, Chief Privacy Officer, WireWheelLast Updated: January 3, 2022Introduction to Data Privacy in 2022 Over the past few years, the proliferation of data privacy laws has accelerated around the world. And this trend is not about to stop. ​​According...

Key Insights from One Year of CCPA Enforcement
Key Insights from One Year of CCPA Enforcement

Introduction The California Consumer Privacy Act (CCPA) has been in effect since January 1, 2020 and enforcement started on July 1, 2020. Although a coalition of 60 organizations was calling to delay the enforcement of CCPA due to COVID, the Office of the Attorney...

What Do I Need for My Website to Be Compliant?
What Do I Need for My Website to Be Compliant?

Today… and into the futureWritten by Rick Buck, Chief Privacy Officer, WireWheelAfter new privacy laws passed in Virginia, Colorado, and California, many clients ask us what they need to do to make sure that their website is compliant today and into the future for...

Privacy Law Update: October 25, 2021
Privacy Law Update: October 25, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates IAPP-EY release Annual Privacy Governance Report 2021 The...

Privacy Governance: ROPAs are the New Normal
Privacy Governance: ROPAs are the New Normal

 A key component of privacy governance is assessments. While Records of Processing Activity (ROPAs) do not assess risk per se, they do assess the who, what, why, where, and how of information processing. Analyzing the results against internal policy, processes, and...

How Privacy Laws Could Help Regulate Facebook’s Algorithms
How Privacy Laws Could Help Regulate Facebook’s Algorithms

Congressional testimony from a former Facebook employee has sparked outrage over the governance of the company’s algorithms and has renewed calls for regulation of the social media giant.  Although privacy laws ostensibly focus on data, GDPR in Europe and a set of...

Privacy Law Update: October 18, 2021
Privacy Law Update: October 18, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!The White House is having a big meeting about fighting ransomware. It didn't invite...

Where Are Companies on the Consent Management Spectrum?
Where Are Companies on the Consent Management Spectrum?

Written by Jeremy S. Berkowitz, Senior Principal, Global PrivacyPromontory Financial Group, an IBM CompanyAs a Senior Principal in the Promontory Financial Group’s privacy and data protection practice, I consult with companies on a variety of privacy issues related to...

Privacy Law Update: October 11, 2021
Privacy Law Update: October 11, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates FTC alum Ashkan Soltani selected to lead CPPA It was always...

Personal Data Definitions: Comparing GDPR vs CCPA vs CDPA vs CPA
Personal Data Definitions: Comparing GDPR vs CCPA vs CDPA vs CPA

Introduction ‘Personal Data’ has different legal definitions in the GDPR, CCPA in California, CDPA in Virginia, LGPD in Brazil and other regulations. Although personal data is sometimes used interchangeably with PII or personally identifiable information, “personal...

The DSAR Guide: Overview of Data Subject Access Requests
The DSAR Guide: Overview of Data Subject Access Requests

Last Updated: November 5, 2021What is a DSAR? Data Subject Access Requests (DSARs) give individuals (also known as data subjects) the right to discover what data an organization is holding about them, why they are holding that data and who else their data and other...

Privacy Law Update: October 4, 2021
Privacy Law Update: October 4, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates The Downside to State and Local Privacy Regulations Are stricter...

How to Operationalize Privacy by Design
How to Operationalize Privacy by Design

I think I’m a closet Project Manager. When you operationalize concepts, you have to have some solid project management skills to ensure you're identifying everything that you want to accomplish; how you’re going to do it; and the tactical plan behind it. —Lisa...

Privacy Law Update: September 27, 2021
Privacy Law Update: September 27, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates Mixed Messaging Around Progress Toward EU-US Data Transfer...

Canada’s Anti-Spam Law (CASL): What you need to know
Canada’s Anti-Spam Law (CASL): What you need to know

Written by Rick Buck, Chief Privacy Officer, WireWheelIntroduction The Canada Anti-Spam Law (CASL) was introduced in 2010 but came into effect on July 1, 2014. The CASL’s primary purpose is to reduce “the harmful effects of spam and related threats” and “help create a...

A Guide to PIPEDA: Canada’s Data Protection Law
A Guide to PIPEDA: Canada’s Data Protection Law

Written by Rick Buck, Chief Privacy Officer, WireWheelIntroduction The Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian data privacy law which became law on April 13, 2000. The PIPEDA incorporates and also makes mandatory some of the...

A Guide to China’s Personal Information Protection Law (PIPL)
A Guide to China’s Personal Information Protection Law (PIPL)

Written by Rick Buck, Chief Privacy Officer, WireWheelIntroduction The Personal Information Protection Law is the first comprehensive data privacy law in China based on China’s constitution. Its primary aim is to “protect the rights and interests of individuals,”...

Complete Guide to LGPD: Brazil’s Data Privacy Law
Complete Guide to LGPD: Brazil’s Data Privacy Law

Written by Rick Buck, Chief Privacy Officer, WireWheelIntroduction The Brazilian Lei Geral de Proteção de Dados (LGPD) was first introduced on June 13, 2012 and went into effect on September 18. 2020. The administrative sanction provisions of the LGPD went into effect...

Complete Guide to GDPR: General Data Protection Regulation
Complete Guide to GDPR: General Data Protection Regulation

Written by Rick Buck, Chief Privacy Officer, WireWheelIntroduction The General Data Protection Regulation (GDPR) was adopted on April 14, 2016 and went into effect on May 25, 2018. The GDPR governs data protection and privacy in the European Union and in the European...

Colorado Privacy Act (CPA): What You Need to Know
Colorado Privacy Act (CPA): What You Need to Know

Written by Rick Buck, Chief Privacy Officer, WireWheelIntroduction The Colorado Privacy Act (CPA) was introduced on March 19, 2021, unanimously passed on May 26, 2021 and was signed into law on July 7, 2021 by Governor Jared Polis. CPA became the third comprehensive...

CCPA vs CPRA: A Guide to California’s Data Privacy Laws
CCPA vs CPRA: A Guide to California’s Data Privacy Laws

Written by Rick Buck, Chief Privacy Officer, WireWheelIntroduction to California’s Data Privacy Laws The California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), a ballot measure approved in November 2020, are transforming the privacy and...

Full Guide to Virginia’s Consumer Data Protection Act (CDPA)
Full Guide to Virginia’s Consumer Data Protection Act (CDPA)

Written by Rick Buck, Chief Privacy Officer, WireWheelIntroduction The Virginia Consumer Data Protection Act (CDPA) was introduced on January 1, 2021 to the House of Delegates and was signed into law by Governor Ralph Northam on March 2, 2021. The CDPA became the...

Privacy Law Update: September 20, 2021
Privacy Law Update: September 20, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates US Panel Votes to Approve $1 Billion for FTC Privacy Probes The...

Venture Capital Sees Big Opportunities in Data Privacy
Venture Capital Sees Big Opportunities in Data Privacy

Privacy has three key drivers: legislation, brand risk, and opportunity. “On one hand, you see strong winds from a regulatory and compliance perspective,” notes WireWheel CEO Justin Antonipillai. “And virtually every company is trying to find a solution to make sure...

Privacy Law Update: August 30, 2021
Privacy Law Update: August 30, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates UK Announces Independent Adequacy Decisions In June, the...

Culture Matters
Culture Matters

Understanding corporate culture is a critical first-step toward building a data privacy programWritten by Virginia Bartlett, Privacy Operations Expert, WireWheelDuring my tenure as a privacy officer in companies across many different industries, I’ve seen differing...

China Passes the Personal Information Protection Law (PIPL)
China Passes the Personal Information Protection Law (PIPL)

Written by Rick Buck, Chief Privacy Officer, WireWheelOn August 18, China introduced a third and final version of the Personal Information Protection Law (PIPL) law. This new law will take effect on Nov. 1, 2021. In many respects, it takes a similar approach to the EU...

Privacy Law Update: August 23, 2021
Privacy Law Update: August 23, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates One Year after Schrems II, the World Is Still Waiting for U.S....

Privacy & Marketing: Strategies for a Cookieless Future
Privacy & Marketing: Strategies for a Cookieless Future

Marketing and privacy are on a collision course – and it’s a trajectory that has been plotted for some time now, says Forrester Senior Analyst Fatima Khatibloo. This course was set, in part, because marketing has become “too good at connecting people and devices with...

Privacy Law Update: August 16, 2021
Privacy Law Update: August 16, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates Brazil Announces National Data Protection Council The Brazilian...

China’s Data Security and Privacy Laws
China’s Data Security and Privacy Laws

To date, China relies on several privacy and security related laws. It does not have a comprehensive data privacy law. That’s about to change. China is moving forward with a set of privacy and security laws (Personal Information Protection Law, Data Security Law)...

Preparing for CPRA, CDPA, and Other Emerging State Privacy Laws
Preparing for CPRA, CDPA, and Other Emerging State Privacy Laws

WireWheel’s Spokes 2021 conference included a panel of experts discussing current and emerging privacy laws around the U.S., including CPRA and CDPA. The panel was moderated by Rick Buck, Chief Privacy Officer for WireWheel, and panelists included Kristi Preuss,...

Privacy Law Update: August 9, 2021
Privacy Law Update: August 9, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates Brazilian Data Protection Body Pledges to Enforce "Responsive...

Key Topics in Privacy Leadership Today
Key Topics in Privacy Leadership Today

During the Spokes 2021 conference, WireWheel hosted a panel of privacy experts to discuss some central issues facing data privacy regulation and technology. Justin Antonipillai, CEO and Founder of WireWheel, moderated the panel, which also included Daniel Solove,...

Engineering Privacy at Scale
Engineering Privacy at Scale

The nature of privacy and what it means for businesses, consumers, and regulators, vary across organizations, industries, consumer segments, and jurisdictions. Even within a single organization, the conception of privacy (and its perceived impact) will differ from...

Privacy Law Update: August 3, 2021
Privacy Law Update: August 3, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates The Uniform Personal Data Protection Act Is Here In July 2021,...

NFTs: The Privacy Angle
NFTs: The Privacy Angle

Non-Fungible Tokens (“NFTs”), as the name implies, are tokenized representations of non-fungible assets (physical or digital). Each NFT is unique and contains unique identifiers, data, and metadata. The NFT not only identifies what that NFT represents – a work of art...

Privacy Law Update: July 26, 2021
Privacy Law Update: July 26, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates WireWheel CEO Foresaw the Impact of Data Privacy on Human...

Privacy Law Update: July 19, 2021
Privacy Law Update: July 19, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates Update by the California Attorney General Could Be a...

What Privacy Officers Need to Know About Synthetic Data
What Privacy Officers Need to Know About Synthetic Data

Regulation, cost, and other factors can hinder the great many benefits of access to data for analysis. This impedes not only the efforts of organizations to rationalize resources (e.g., workforce analytics, resource allocations, and consumer insights), but research...

Privacy Law Update: July 12, 2021
Privacy Law Update: July 12, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates Biden Executive Order Calls For Scrutiny Of Mergers, Data...

Polis Signs Final Flurry of Business Bills Despite Veto Pushes
Polis Signs Final Flurry of Business Bills Despite Veto Pushes

Written by Ed Sealover, Denver Business JournalGov. Jared Polis finished off a monthlong bill-signing tour over the past week and a half by inking 18 business-focused laws that create a groundbreaking data privacy law, ban certain types of plastic containers and delay...

Dark Patterns and Privacy by Design: A Delicate Balancing Act
Dark Patterns and Privacy by Design: A Delicate Balancing Act

I think we're watching builders and developers understand that part of the product success is that it has a privacy by design component to it and privacy was thought about upfront and built into the greater feature-functionality. or production system that's being...

Privacy Law Update: July 6, 2021
Privacy Law Update: July 6, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates The European Data Protection Board (EDPB) Finalises Guidance on...

Measuring What Matters: How to measure privacy’s impact
Measuring What Matters: How to measure privacy’s impact

In the last decade, the ability to collect, analyze, process, and monetize personal information has increased at an unprecedented rate. The growth rate of the marketing technology sector (“Martech”) – from 150 available solutions in 2011 to 8,000 at last count – is a...

Dark Patterns: Another really creepy line
Dark Patterns: Another really creepy line

The term “dark patterns” was coined by Harry Brignull in 2010. Brignull, who has a PhD in Cognitive Science, defines dark patterns as “tricks used in websites and apps that make you do things that you didn't mean to, like buying or signing up for something”...

Non-Fungible Tokens: The convergence of creator-centric ecosystems
Non-Fungible Tokens: The convergence of creator-centric ecosystems

Written by Luca Cosentino, Product Lead, Oasis Unlike fungible assets which are interchangeable (i.e., every bitcoin, ether, or dollar is equivalent to every other bitcoin, ether, or dollar), non-fungible tokens (NFTs) are unique and contain unique identifiers, data,...

4 Ways Integrations Help With DSAR Fulfillment
4 Ways Integrations Help With DSAR Fulfillment

Written by Stephen Buko, Senior Director, Product Implementation, WireWheelTo maintain legal compliance with existing and newly emerging data privacy laws, many large companies are faced with a challenge as they process and manage more data subject access requests...

Privacy Law Update: June 14, 2021
Privacy Law Update: June 14, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates A Deeper Dive Into The New Standard Contractual Clauses The good...

Colorado Passes a Data Privacy Law
Colorado Passes a Data Privacy Law

Colorado Passes a Data Privacy Law Law would be effective on July 1, 2023Written by Rick Buck, Chief Privacy Officer, WireWheelOn June 8, 2021, the Colorado Senate approved House amendments to the Colorado Privacy Act (CPA) (SB21-190). The bill now goes to Governor...

EU Releases New Standard Contractual Clauses Language
EU Releases New Standard Contractual Clauses Language

Written by Rick Buck, Chief Privacy Officer, WireWheelOverview On Friday, June 4, 2021, the European Commission approved and adopted a new version of the Standard Contractual Clauses (SCCs) that updates the rules on how data may be transferred outside of the EU....

Privacy Law Update: June 7, 2021
Privacy Law Update: June 7, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheel Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!Newsworthy Updates The Beginning of a New Era for International Transfers- New...