Despite a modest fine, a settlement this week between Connecticut and online marketplace TicketNetwork over potential violations of the state's Data Privacy Act (CTDPA) (see 2507080010) includes significant takeaways, privacy professionals said. However, a consumer advocate said the $85,000 penalty -- the first under the CTDPA -- also shows how comprehensive privacy laws based on Connecticut's model don't do enough to protect consumers.
Compliance Techniques
Compliance techniques encompass the strategies, tools and processes organizations use to meet evolving privacy and data protection requirements. Privacy engineers, chief data protection officers and compliance teams deploy methods such as data mapping, privacy impact assessments and automated monitoring to align with new laws in the U.S. and abroad. These techniques help avoid costly enforcement actions and build trust by embedding privacy by design into products and operations.
The Asia-Pacific (APAC) region appears to be taking a different approach to AI regulation and governance than the EU and U.S., privacy professionals told Privacy Daily.
The Danish EU presidency, whose six-month term began Tuesday, "will be a springboard for several consequential initiatives for digital responsibility professionals," IAPP Managing Director Europe Isabelle Roccia said in a statement.
Managing AI privacy concerns in an organization requires expanding existing frameworks but also increasing collaboration across the business in acknowledgment of AI's wide potential to touch many areas, panelists said during an IAPP webinar on Tuesday.
It was “absolutely necessary” for the Irish Data Protection Commission to seek high court relief blocking X from using EU users’ data to train its AI system, DPC Deputy Commissioner Graham Doyle said Friday.
A multistakeholder approach to global privacy certification is "critical," Shannon Coe, Global Cross Border Privacy Rules (GCBPR) Forum chair, said Wednesday at an IAPP webinar. The key is incorporating as many common privacy principles as possible into certifications while respecting different approaches, Coe added.
Brandon Pugh will be principal cyber adviser for the U.S. Army, he announced via a LinkedIn post Monday. Pugh was previously on the cybersecurity and emerging threats team at R Street Institute, and served on IAPP’s Research Advisory Board.
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching the title or clicking on the hyperlinked reference number.
Cari Benn has taken over as chief privacy officer at Microsoft, she announced on LinkedIn Friday. She previously served as associate general counsel-privacy, accessibility and regulatory affairs. Former Microsoft chief privacy officer Julie Brill stepped down at the end of May to launch a consultancy (see 2505300023). In an interview with Privacy Daily last April (see 2504300026), Benn supported regulatory efforts to simplify compliance with privacy laws globally amid what she called a "regulatory tsunami."
Brittney Justice is Valvoline's global head of privacy, legal, she wrote in a LinkedIn post Tuesday. Previously, Justice was an IAPP Privacy KnowledgeNet chapter chair and a privacy attorney at Baker McKenzie.