A transparent approach to privacy policies

Richard Beaumont’s article “Transparency Should Be the New Privacy” echoes a point I’ve also been making recently: data protection or privacy is mostly about transparency and trust. Sure, compliance is essential but from a data subject or consumer’s perspective, how transparent you are about how your process the data subject’s personal information and whether your... Continue Reading →

EU and US data protection regimes compared

Phil Lee at the Privacy and Information Law Blog has a great comparison of European and American data protection regimes which is worth reading. This is particularly relevant to South Africa as the Protection of Personal Information Act places some emphasis on transferring personal information to countries with compatible data protection systems.

Your connected home knows you intimately and, soon, so will Google

Google's business model, like many other consumer-facing companies' business models, are changing to become far more context aware. We're seeing that in apps that know our location and where we are going next and warn us when to leave to make it on time. That just scratches the surface and this trend can be tremendously helpful and useful if we can be sure that our personal information is not being abused or vulnerable to exploitation.

POPI compliance and your plan to fail

Unfortunately many companies may have left their preparation too late, especially the larger companies, and have not yet established a complete set of practices and processes to ensure their compliance with POPI’s many requirements. Although companies will likely have a year before many of POPI’s compliance requirements go into effect, a year is simply not enough time to prepare adequately. Compliance isn’t just a matter of writing a privacy policy and publishing that. In order to comply with POPI, organisations have to ensure that all their underlying processes are aligned with POPI’s requirements. In this sense a privacy policy is really more of a description of a series of data protection practices which have been implemented throughout the organisation. If there is a disconnect between your organisation’s practices and processes and what the privacy policy describes, the consents you are hoping to obtain through the privacy policy will amount to little more than lip service to the legislative framework it serves.

That’s my data you’re fondling

TechCentral published an article by Richard Mullins, titled "Data, the hidden treasure in publishing" which raises a number of important issues. The premise of the article and the challenge facing publishers is nicely summarised in these two paragraphs in the article: Their biggest hope of making money lies in unlocking the value of the reams... Continue Reading →

Powered by WordPress.com.

Up ↑