PI vs PII: How CCPA Redefines What Is Personal Data

The California Consumer Privacy Act of 2018 (CCPA) is the first-of-its-kind U.S. law that gives greater privacy rights to consumers who reside in the state. Borrowing many of the core principles of the European Union’s General Data Protection Regulation (GDPR), the Act enshrines significant rights for consumers by granting them unprecedented control over their personal … Continued

BigID + OneTrust: Bridging The Privacy Office With IT

GDPR elevated the problem of privacy with consumers and the corporations that serve them. Often forgotten in the recitation of the acronym is that the D and P in GDPR stand for Data Protection. The purpose and point of the regulations along with many similar laws recently enacted is not just to define better privacy … Continued

BigID Wins Award for Excellence in Data Privacy

Building upon our strong end to 2018, we are happy to share that BigID has been selected as the Gold winner in the 2019 Info Security Product Guide’s Global Excellence Awards for the “Privacy Solutions” category. With the continued global adoption of privacy laws such CCPA, NYDFS, LGPD and others, we remain committed to helping … Continued

Consent Governance: Moving From Process to Purpose via Data Intelligence

As the dust clears since the EU GDPR came into effect, and most companies come to terms with managing their consent collection processes, many are increasingly finding themselves struggling with how to transition those consent agreements into a practical control for application processing and data holders. Much of the focus around consent has been on … Continued

The Advent of Privacy Engineering

Move over privacy attorneys, analysts, consultants, CPOs and DPOs. Let’s make room for the Privacy Engineers who can facilitate the technical implementation of privacy and data protection by design and default into products and services. Welcome, the emergence of Privacy Engineering. The field of privacy has typically been the realm of lawyers and consultants responsible … Continued

Rethinking Data Classification For The New Era of Privacy

It’s rare to spot a flip phone these days when smartphones are practically ubiquitous.  Yet, in the realm of data security, where precision and context are critical, too many are still using flip phone technology to discover, understand and classify personal data. In the flip phone era, classification was intended as a means to an … Continued

From Big to Bigger: BigID Gets Scale to Tackle Global Privacy Problems

GDPR is now the law in Europe. Similar privacy regulations have also been enacted in far-flung countries around the world, including China, South Korea, Australia, Japan, and Canada, to name some. And in the US, recent privacy controversies has spawned new privacy bills in Congress and privacy propositions in California. All this regulatory change reinforces … Continued

Big is the new Cool: BigID Named a Gartner 2018 Cool Vendor for Privacy Management

Following on the heels of our recognition as the winner of the RSAC Innovation Sandbox, we are doubly thrilled that BigID has been selected by leading analyst Gartner as a Cool Vendor in the firm’s inaugural report focusing on innovative and impactful vendors in the Privacy Management market. BigID was founded and developed based on … Continued

Privacy Protection grabs the 2018 RSA Security Conference Limelight

For too long, privacy protection has been a security backwater. That is changing. Not only because of the introduction of regulations like EU GDPR intended to entrench data privacy accountability and transparency, but also because customers, consumers and companies have come to realize that they need to balance the risk and reward of digital data … Continued

The repeal of the FCC’s broadband privacy rules; will it hold?

On Monday April 3rd , U.S. President Donald Trump signed a repeal of the rule submitted by the Federal Communications Commission (FCC) last year relating to protecting the privacy of customers of broadband and telco Services. The rule, which passed last year and was on track to enter into effect shortly, would have required internet providers … Continued

The Risky Business of Privacy Risk

The EU GDPR at its heart is about privacy risk. Avoiding privacy violations is about understanding and mitigating privacy risk. But what is privacy risk? The EU GDPR references it 75 times but never elaborates how to measure it. Yes, it warns that risky behavior includes large-scale data processing with the intent of personal profiling. … Continued

Privacy Impact Assessments: Ensuring They’re More Than Just Words

A Privacy Impact Assessment, or PIA, is an analysis of how personally identifiable information is collected, used, shared, and maintained by an organization. PIAs are meant to help companies ensure their personal data collection and usage meet privacy regulatory requirements, validate use of mandated data protection technology, measure risk and verify consent capture. Some companies … Continued