Blog - WireWheel

Privacy Law Update: June 14, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheelNewsworthy Updates A Deeper Dive Into The New Standard Contractual Clauses The good news is that the new SCCs allow companies to take a risk-based approach when making assessments on whether a third country’s...

Colorado Passes a Data Privacy Law

Colorado Passes a Data Privacy Law Law would be effective on July 1, 2023Written by Rick Buck, Chief Privacy Officer, WireWheelOn June 8, 2021, the Colorado Senate approved House amendments to the Colorado Privacy Act (CPA) (SB21-190). The bill now goes to Governor...

EU Releases New Standard Contractual Clauses Language

Written by Rick Buck, Chief Privacy Officer, WireWheelOverview On Friday, June 4, 2021, the European Commission approved and adopted a new version of the Standard Contractual Clauses (SCCs) that updates the rules on how data may be transferred outside of the EU....

New Technology Meets Old Unanswered Questions: Data privacy in the age of virtual reality

In a single recommended 20-minute session in VR, a headset can generate approximately two million data points and unique recordings of body language. Immersive tech can track huge quantities of highly sensitive information, creating both lucrative opportunities for...

Privacy Law Update: June 7, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheelNewsworthy Updates The Beginning of a New Era for International Transfers- New SCC’s are Here The European Commission published the long awaited final standard contractual clauses for transfers of personal...

Consent and Preference Management: Regulatory table stakes or consumer insight?

When it comes to data privacy, the business aphorism “it’s better to ask forgiveness than ask permission” does not apply. And the more consumers learn about how their data is used, the less forgiving they have become. Consumer attitudes are very clear on this. For...

Privacy Law Update: June 1, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheelNewsworthy Updates What’s Behind the EU’s New Cloud Code of Conduct? It has been nearly a decade since former European Commission Vice President Neelie Kroes pitched plans for an EU Code of Conduct for cloud...

Privacy Law Update: May 25, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheelNewsworthy Updates Android Introduces New Privacy-friendly Sandbox For Machine Learning Data At the I/O developer conference on Tuesday, Google announced a range of new privacy measures, including a new partition...

What Do I Need to Do for My Website to Be Compliant?

Today… and into the futureWritten by Rick Buck, Chief Privacy Officer, WireWheelAfter new privacy laws passed within the last 12 months in both Virginia and California, many clients ask us what they need to do to make sure that their website is compliant today and...

Privacy Law Update: May 17, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheelThere were no substantial legislative changes this week. Hope you enjoy the expanded newsworthy updates in its place. Newsworthy Updates Data Privacy: How the Growing Field of Regulations Impacts Businesses The...

U.S. Data Privacy Regime: It’s a Long Road to Efficacy

Written by Guest blogger: David Stauss, partner at Husch Blackwell LLPWith the passage of the California Privacy Rights Act (CPRA) comes the creation of the California Privacy Protection Agency (CPPA) which will have full administrative power to implement and enforce...

6 Keys to Unlocking Privacy at Scale

Privacy and Data Governance Privacy is complex by virtue of its comprehensive nature. From the regulatory perspective, privacy legislation encompasses data security, consumer rights, and business obligations. A complexity, and risk, that is further compounded by the...

Privacy Law Update: May 10, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheelNewsworthy Updates Private right of action proving problematic for state privacy lawsTen states are currently considering data privacy legislation: Alabama, Alaska, Colorado, Connecticut, Illinois, Massachusetts,...

Privacy is Dead! A History

Written by Rick Buck, Chief Privacy Officer, WireWheelIn 1897 Mark Twain was contacted by the New York Journal “to inquire whether the rumors that he was gravely ill or already dead were indeed true.” His response as recorded in the article published on 2 June 1897...

Privacy Law Update: May 3, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheelAnother interesting week in the privacy world. The two key standouts this week include: new movement on updated Standard Contractual Clauses and the Privacy Shield program Florida’s HB969 which was believed to be...

Comparing CCPA, CDPA, GDPR: Similarities and Differences

Written by Rick Buck, Chief Privacy Officer, WireWheelCCPA, CDPA, GDPR Similarities and Differences Many new state privacy regulations are being introduced or coming into enforcement and are creating a complicated compliance environment that many organizations are...

Apple iOS 14.5 Release Is Happening Today

The long-awaited Apple iOS 14.5 is happening today. Apple’s new App Tracking Transparency (ATT) requirement, mandates that developers ask for permission to track users for targeted advertising. Apple’s approach with ATT joins other industry giants projects, such as...

Privacy Law Update: April 26, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheelNever a dull moment in the Privacy world!Newsworthy Updates Privacy and the EU’s Regulation on AI: What’s New and What’s Not? The draft EU Regulation on Artificial Intelligence (the “Regulation,” available here)...

Five Critical Tips for the Global Adoption of Vaccine Passports

More than a year into the pandemic, the world is ready to go back to normal. The acceleration of vaccinations suggests that ‘normal’ may come earlier than anticipated. However, as governments now work on transition plans from a pandemic to a post-pandemic environment,...

Privacy Law Update: April 19, 2021

Written by Rick Buck, Chief Privacy Officer, WireWheelThis was a quiet week for State privacy bills. The Washington Privacy act did not pass in session this week. The 2021 legislative session ends April 25. If the WPA does not pass the House, this would be the third...

Data Privacy: A convergence of Security, Compliance, and Conception

Data Privacy laws are comprehensive. They encompass not only conceptions of privacy – itself still subject to debate – but also security, consumer rights, business obligations, and of course regulatory compliance. As such, data privacy laws are also complex. The...

Zero Party Data

The writing is on the wall. Increasingly people will take control and will worry about their personal information. They do want more control over how their data is shared. Now here's the thing. Marketing data is critical to how we run our businesses and how we...

Privacy Shield 2.0?

The US and the European Union have recently opened talks around privacy protections for transatlantic data flows which could signal a resurrection of the Privacy Shield program. This is the third attempt for an adequacy mechanism to replace Safe Harbor, and Privacy...

Privacy Predictions Roundup

WireWheel CEO Justin Antonipillai has talked with many data privacy industry leaders, analysts, and advocates who have shared their insights, experience, and predictions about data privacy from both an industry and regulatory perspective. And much has happened to...

Privacy Law Update: West Virginia’s Proposed Privacy Law

Written by Rick Buck, Chief Privacy Officer, WireWheelNote: The West Virginia legislature closed its session on April 10 without passing its proposed bill so the bill is considered dead for now. The following blog outlines what was proposed. • • • On March 15, West...

Privacy Law Update: Virginia’s Consumer Data Protection Act – Final

Written by Rick Buck, Chief Privacy Officer, WireWheelFrom a privacy perspective, 2021 is getting off to a quick start in the United States. Baseline privacy bills are currently pending in at least 13 state legislatures. On March 2, 2021, Virginia Governor Northam...

Are Marketing Metrics Blinded by the Light?

The great twentieth century composer and iconoclast, Igor Stravinsky, said “To enjoy to the full the conquests of daring, we must demand that it operate in a pitiless light.” (Poetics of Music in the Form of Six Lessons, 1947). Digital marketers do not seem to agree....

Marketing Technology 101 for Privacy Officers: What Is the Marketing Team Up To?

A marketer has to balance all of the tools that they're going to deploy and utilize all of the data at their fingertips. But they more and more have to be really attentive to their brand and their brand's reputation. And…data they're utilizing, and the ways in which...

Privacy Technology Implementations: Lessons Learned

Everybody views data privacy through a different lens: through your general counsel; through your technology team; or even your technology stack. “What problems were you trying to address when picking a data privacy solution?” asks Stephen Buko. Stephen is WireWheel’s...

Is This the Way the Cookie Crumbles?

Written by Rick Buck, Chief Privacy Officer, WireWheelAlmost from the beginning of the internet’s transition to an e-Commerce superhighway, cookies have been the primary way most advertisers target users online. Cookies track your browsing history, building user...

Data Privacy Day in the Years to Come

January 28 marked the annual Data Privacy Day. In recognition, WireWheel CEO Justin Antonipillai brought together a group of leading international privacy experts to discuss what changes they posit for both the near and long term. The Acting Under Secretary, U.S....

Privacy Merits Pride of Place

A lot of the way that we approach security can be applied to privacy. [Like] the methodology of ‘Defense in Depth.’ Likewise, with privacy, I think the technology and the process that you put in place can provide the same kind of maximized opportunity for spotting...

Privacy Law Update: Virginia’s Consumer Data Protection Act

Written by Rick Buck, Chief Privacy Officer, WireWheelFrom a privacy perspective, 2021 is getting off to a quick start here in the United States. Privacy bills in New York and Minnesota are moving forward. Washington’s Privacy Act is gaining energy and now has a...

WireWheel Supports Global Privacy Control (GPC)

Written by Rick Buck, Chief Privacy Officer, WireWheelRemember Do Not Track (DNT), the web browser setting that requests that a web application disable tracking of an individual user? Well, it looks like it has a new sibling, the Global Privacy Control (GPC). The GPC...

Five Privacy Predictions for 2021 from Forrester

“Before I dive in into the specific predictions...[I just want to say that] I think that privacy professionals today understand this very well, but sometimes the larger organization might struggle to see it.” Privacy is about requirements, it’s about regulation, it’s...

Consumer Retargeting: What’s the Problem?

“I admit that I don't understand.” says Alyce General Counsel Andy Dale. “I don't understand the [consumer’s] frustration and maybe it's because in law school you get pounded with this concept of damages. How is the person damaged?” He asks: What is frustrating about...

Ethical Marketing: The First Consumer Touchpoint is Trust

The AdTech industry is in a bit of a crisis. “We have a system that is out of alignment,” Hearst Magazines president and incoming IAB [1] chairman Troy Young said….The ad tech industry has tried to address the problem on its own...But those efforts have proven...

Privacy by Design

In his seminal 1965 book, Unsafe at Any Speed: The Designed-In Dangers of the American Automobile, Ralph Nader accused American car manufacturers of not only being reticent to introduce safety features, but purposefully designing in features that created unsafe...

Federal Privacy Law in 2021?

On December 9, just one week after WireWheel’s SPOKES Privacy Technology Conference, where the concept of a U.S. federal privacy law was widely discussed, the Senate Committee on Commerce, Science, and Transportation held a hearing that raised this very issue. Framing...

Data Privacy and the Pandemic

A Principled Approach Data privacy and protection has become even more top-of-mind during the COVID-19 pandemic. What were once arcane matters for cybersecurity and governance professionals, legislators, and marketers, has become public discourse. The argument for...

Another Round of Proposed CCPA Modifications

On December 10, 2020, the California Attorney General proposed new modifications to the CCPA. The proposed modifications are in response to comments received about the October 12, 2020 proposed modifications to the “final” CCPA regulations, issued August 14, 2020....

Privacy Shield: Two Key Players Discuss “What Now and Next?”

In the plenary session of WireWheel’s SPOKES Privacy Conference two central figures in crafting transatlantic data transfer protection schemata ― Bruno Gencarelli and Justin Antonipillai ― discussed where things are post-Schrems II, and where they may be headed. Bruno...

Ethical Marketing: Leveraging Data Privacy to Improve Customer Experience and Brand – Part II

As discussed in Part I of this blog, leading edge companies are looking at the trends in data privacy and recognizing two things: 1) This trend is likely to continue and 2) while it presents challenges to the marketing ecosystem as it exists today, it also presents...

Women in Privacy Lead the Way

The CIO.com article Women in tech statistics: The hard truths of an uphill battle (White, 2020) presents a mixed bag of some positive trends and very bad experiences. Consider: “According to data from the National Science Foundation,” writes White, “more women than...

Ethical Marketing: Leveraging Data Privacy to Improve Customer Experience and Brand – Part I

Since the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) came into effect (May 2018 and January 2020 respectively), the concept of “ethical marketing” has increasingly become top of mind. Of course, the immediate concern for...

Canada Introduces New Federal Privacy Bill

On November 17, the Canadian government drafted new privacy legislation that would make significant changes to their existing federal privacy laws. If passed, Bill C-11, the Digital Charter Implementation Act (DCIA), would replace Part 1 of the Personal Information...

Does Your Company Advertise on Facebook? Get the Facts About Facebook LDU, Retargeting & CCPA

Are you advertising on Facebook and are confused by its “Limited Data Use” feature? Check out our latest infographic to get a clear picture of what this means for your retargeting efforts and for tips on achieving or maintaining CCPA compliance.Facebook’s “Limited...

WireWheel + Mulesoft: Integrated Application Networks to Accelerate Privacy Compliance

Increasingly stringent privacy laws underscore the importance of proactive data management. WireWheel customers are adopting new models for data management that protect consumer privacy while making operations more efficient. As part of that effort, privacy and IT...

How Does CCPA Affect Mergers & Acquisitions?

If your company is preparing for a liquidity event or doing the due diligence associated with acquiring a business, there are privacy implications you should be considering. One consideration is the costs associated with coming into compliance of the newly purchased...

A Third Set of Modifications to the CCPA Regulations

It seems like we’ve been talking about the CCPA for a very long time. The first proposed CCPA language came out in October 2019. The California DOJ received feedback during public commentary periods and went through several rounds of modifications to the proposed...

CPRA/Prop 24: Get Ready for Risk Assessments and Audits

The California Consumer Privacy Act (CCPA) recently crystallized a new U.S. standard for data privacy. But it still falls short of meeting the requirements of many consumer privacy advocates. Some Californians are already forging ahead with a ballot initiative to...

LGPD – What You Need to Know About Brazil’s New Data Protection Law

Summary The Brazilian privacy law, LGPD, will begin to be enforced on Aug. 1, 2021. As of today, no specific regulations have been issued and no national authority is in place and we are awaiting much of the details about what will ultimately be the regulations. LGPD...

Why You Should Stick with Privacy Shield for Now

Now that the Schrems II decision is behind us and the EU-US Privacy Shield no longer provides a valid legal basis for data transfers from the EU to the U.S. does it still hold a place in the privacy story for US companies? Will the US stand up an enhanced framework...

CCPA Final Regulations Overview

On August 14, 2020, California Attorney General Xavier Becerra announced the approval of final regulations under the California Consumer Privacy Act (CCPA). The approved regulations go into effect immediately. Given that the final regulations are already in effect as...

Gartner Includes WireWheel in Three Hype Cycles for 2020

What’s the right time to invest in privacy technology? Wait too long and you’ll struggle to manage the growing volume of consumer requests and emerging privacy laws. Meanwhile, companies able to adapt nimbly to changing privacy requirements will increase consumer...

Privacy Shield Struck Down (Schrems II Decision): First Thoughts on What It Means to Your Business

JustinAntonipillaiCEO and Founder, WireWheelHaving worked on Privacy Shield, and reading the Schrems II decision today, I thought it would be helpful to share some initial reactions: Who Does This Effect? Any company collecting information from EU data subjects (does...

How to Guard Employees’ Data Privacy in the Age of Covid-19

Companies are eager to get back to business as usual and leave Covid-19 behind. But re-opening the doors to your business and welcoming back your employees won’t be so straightforward. Covid-19 is causing a new data privacy conundrum for employers. You’re expected to...

CCPA Regulations Are Finalized. What Does It Mean for Your Business?

The wait is over. California’s Attorney General (AG) has issued the final version of the California Consumer Privacy Act (CCPA) regulations. The final edition, published on June 1, 2020, is unchanged from the last draft, which was published in March. That’s a relief...

Spokes 2020 Recap

From June 17 – 18, WireWheel brought together experts across different industries for Spokes 2020, a virtual privacy and technology conference that examined pressing privacy and data protection issues that organizations are currently facing. Here's a quick overview of...

Save Time and Money with Privacy Program Automation

Where does personal data reside? In most companies, it lives in technology silos. Databases, servers, applications, zip files, and more house structured and unstructured data and are managed with inconsistent processes. What’s more, data exists in repositories that...

WireWheel Is a Strong Performer in the Forrester Wave for Privacy Management

This week Forrester Research Inc. named WireWheel a Strong Performer in Privacy Management and noted that we’re on a trajectory for leadership in the category. WireWheel is proud of the role we’re playing in helping define the privacy management industry. To be ranked...

CCPA 1.0 vs. 2.0: What’s Changing and How Will It Impact You?

The California Consumer Privacy Act (CCPA) is proving to be a moving target. There’s been lots of back and forth as the California Attorney General shares proposed changes and receives feedback in at least two rounds of comments before the July 1 enforcement date....

What CCPA’s Do Not Sell Rule Means for Your Business

Does your company sell consumer data? When it comes to the California Consumer Privacy Act (CCPA), answering that question isn’t so straightforward. Even if you don't sell lists of personal data for money, you may still be "selling" under CCPA’s broad definition of...

Leveraging Privacy as a Competitive Advantage [Infographic]

Happy Data Privacy Day! With this year’s theme emphasizing businesses to “improve their data privacy practices,” is your organization doing its part in safeguarding your consumers’ data? If you need a refresher on best practices, we’ve put together a helpful...

Your CCPA To-Do List for Today and 2020

When the California Consumer Privacy Act (CCPA) goes into effect on January 1, 2020, it will codify what we’re seeing globally: a new emphasis on the rights of consumers to own and control their personal data. Keep in mind that by addressing CCPA, you’re also...

Table Stakes for CCPA’s Do Not Sell Requirement: What You Need on Day One

CCPA’s (California Consumer Privacy Act) primary objective is giving people the ability to exercise their privacy rights, in particular, the right to opt-out of the sale of their personal information. To demonstrate that you understand their concerns, your objective...

GDPR vs. CCPA: Crucial Differences You Need To Know

All the new privacy regulations coming out are creating a complicated compliance environment that many organizations are having trouble reckoning with. Not to worry! WireWheel is here to explain the differences between these related policies so you can stay compliant...

The Ultimate Guide to DSAR: How to Respond Quickly and Compliantly

What is DSAR? Data Subject Access Requests (DSARs) give individuals the right to discover what data an organization is holding about them, why the organization is holding that data and who else their information is disclosed to. DSAR specifically is a term introduced...

What is CCPA? Requirements, Compliance, and Solutions Explained

What Is CCPA? CCPA was born from a consumer-driven ballot initiative to protect personal data privacy, much like Europe’s GDPR (though there are important differences). Rather than allow the original ballot initiative to proceed, the California legislature rushed to...

Data Classification to Support Subject Rights Requests and Proactive Privacy Management

With modern data stores decreasing the price of storage, it’s now possible to collect more data and keep every scrap. Yet, it has become increasingly difficult to know what type of data you’re collecting and which data is subject to data privacy laws. This lack of...

Our Take on California’s New Ballot Initiative

A year after his initial success with the California Consumer Protection Act (CCPA), Alastair Mactaggart is continuing to advance the privacy journey with a new California ballot initiative slated for the November 2020 election. The California Privacy Rights and...

WireWheel Privacy Management Included in Three Gartner Hype Cycles

Recognizing the influence of privacy requirements on key business and technical decisions, Gartner has placed privacy management tools within not just one but three 2019 Hype Cycles. The privacy landscape is changing rapidly and new technologies are emerging on a...

The Difference Between Privacy and Cybersecurity and Why It Matters

The terms “privacy” and “cybersecurity” are closely intertwined but they aren’t the same. Your organization needs to excel at both privacy and security to maintain customer trust and comply with regulatory requirements. Understanding how these concepts differ and how...

Keys to a Customer-Centric Privacy Experience

Keys to a Customer-Centric Privacy Experience Customer relationships have always been at the heart of a successful business. Companies that craft exceptional customer experiences outperform the market by 107.5%, due to higher revenue and lower expenses. When...

Step One for Subject Rights Requests: Verification and Authentication

Sara is the Data Privacy Officer (DPO) at a large retail company. She’s the first to admit she’s still figuring out the implications of the California Consumer Protect Act (CCPA). And the clock is ticking. CCPA gives consumers rights to access, delete, correct and...

You Don’t Have to Boil the Ocean to Achieve Privacy Compliance

When GDPR mandated Privacy Impact Assessments (PIA), lawmakers had the best of intentions. They wanted companies to understand how personal data is used in their business process. And, they wanted to see demonstrable proof – a tangible output – of privacy practices....

Rising to the Challenge of Subject Rights Requests

Data privacy laws give people rights to access, delete, correct and move the data businesses collect about them. They also require businesses to follow the DSAR procedure, promptly addressing their data requests without placing undue burden on consumers. What they...

Gartner Says We Are a Cool Vendor in Privacy Management!

We claim to be a lot of things, but we would never claim to be cool. Like all truly cool things, that should be left to the rest of the world to judge……. and they just did. Gartner just named WireWheel a Cool Vendor in their April 2019 Cool Vendors in Privacy...

Am I My Device? According to CCPA, Yes

When the alarm wakes me up, I reach for my mobile phone and check email. Next, I strap on my smartwatch. Over breakfast, I read the news on my tablet while Alexa plays some tunes. I join a conference call while driving to work and spend much of the day on my laptop....

What “State of the Art” in IT Security Will Satisfy European Regulators?

WireWheel is adding to our stable of experts on privacy! We’re excited to have Gabriela join us as a regular contributor on deeper technical topics. The European Agency for Network and Information Security (ENISA) and the German IT Security Association (TeleTrusT)...