How Cookie Consent May Evolve With EU’s Proposed ePrivacy Regulation

How Cookie Consent May Evolve With EU’s Proposed ePrivacy Regulation

Cookie consent is one key aspect of effective consent management. An eye to the latest EU privacy proposals on cookie consent can help teams achieve global compliance. A Recipe for Cookie Consent It’s hard to discuss EU data privacy without mentioning GDPR, but there’s another proposed regulation also on the radar. It’s called the ePrivacy Regulation. To be clear, it would not be a replacement to GDPR but a complement to it. Whereas GDPR provides an overarching framework to protect user’s personal data, the ePrivacy Regulation sets out specific guidelines for electronic communications privacy, including around cookie consent. GDPR has shown that the EU is a bellwether for global privacy standards, so understanding cookie consent expectations with the ePrivacy Regulation …

Big Tech As Its Own Privacy Regulator

Big Tech As Its Own Privacy Regulator

The privacy power-players in 2021 aren’t federal lawmakers – they’re tech giants. However, the year is young, and lawmakers already have the enthusiasm to drive privacy progress. They just need to channel it into a federal privacy law. Big Tech Calling the Privacy Shots Earlier this week, Jessica Davies succinctly summarized the current privacy situation: “Platforms, not regulators, are driving data privacy enforcement.” While state-level bills have proliferated – twenty-odd bills in 2021 alone – the lack of federal privacy legislation has allowed Google and Apple to set their own privacy standards. Davies connects the dots between many of 2021’s big privacy stories. I’d add another point to the picture. We need federal lawmakers to pursue federal privacy legislation with …

Your Guide To User Consent In Plain Terms

Your Guide To User Consent In Plain Terms

Teams need to present consent options to users in terms they can understand, and striking the balance between clarity and thoroughness is key for strong privacy ops. Here’s how your team can get there. Understanding Informed Consent In Data Privacy The cornerstone of user consent is that it is informed consent. If a user cannot understand what they are consenting to, the consent ceases to be valid in the eyes of data regulators around the world. In addition to putting your business at risk for significant fines, consent violations undermine the trustworthiness of your brand. As both users and regulators raise their expectations for respectful data practices, teams’ consent processes must be built on informed consent. Therein lies a key …

An Interview with Nelson Schoenbrot

An Interview with Nelson Schoenbrot

In civilian words, how would you describe your job? I write code to retrieve and/or delete users’ personal data when users make such a request. Sounds fun! When and how did you get into coding? In high school, there was a Visual Basic programming class that I signed up for. (Visual Basic is the name of a programming language.) And in college, I studied computer science. Is that something you thought you’d be when you grew up? As a kid, I don’t think I was aware of software development. But as a teenager, I started to see myself in tech. Who in tech did you idolize when you were growing up? Probably the standard people such as Steve Jobs, Bill …

Back To The Future (Of Consent)

Back To The Future (Of Consent)

Some historical perspective on consent management can help steer teams building for robust privacy operations today. Here are 3 steps to enable more effective consent management in 2021. What is Data Privacy if not Trust Persevering? As the concept of ‘privacy’ has evolved throughout history, consent has endured as a key demarcator of trust. On its own, consent constitutes a clear affirmation from a subject that information about their identity can be leveraged by another party. But the types of information collected, the manner of collection, and the processing of that information have all grown more complex with time. What does a nineteenth-century camera have to do with an Ethyca-powered Privacy Center? The answer – as is often the case …

Opt-In and Opt-Out: Consent Management For Global Readiness

Opt-In and Opt-Out: Consent Management For Global Readiness

To meet users’ rising expectations for data privacy, teams must first understand the basic frameworks for consent management. Different regulations apply distinct approaches to user consent, and growing companies in 2021 need to understand both approaches. Privacy Champions Need Top-Tier Consent Management Few companies in 2021 would claim that their main goal is to just get by when it comes to respecting users’ data privacy. Being a privacy champion is more important than ever, because strong privacy fosters user trust. User trust is increasingly important to successful business. Three-quarters of consumers prioritize brand trust over price in their purchasing decisions. To respect privacy, you need to build trust. And to build trust, you need to put consent management at the …

An Interview with Bianca Pasternack

An Interview with Bianca Pasternack

In civilian words, how would you describe your job? I use design to bring Ethyca’s brand to life and share what we do with the world. My job involves communicating complex privacy concepts and processes to our users, and making the privacy compliance process as painless as possible! I create clear communication and documentation to help our users understand how to use our product and to make privacy compliance approachable. That sounds like a lot to do! Can you tell us about your creative process? I try to look at things from the perspective of a person who may not know much about privacy compliance or our company. From there, I communicate the big-picture information of what they need to …

An Interview with Kelly Huang

An Interview with Kelly Huang

In civilian words, how would you describe your job? My job as VP of Product is to take input from different sources to bubble up the best ideas that will decide what our product will be when it grows up. Because our product is quite technical, it means that all of my engineering skills from a past life have been put to good use here. Understanding technical and legal and business requirements, then translating them into product requirements, and then translating them back into technical/legal/business speak – it’s all part of the job. Where do you source those ideas from? Oh you know, just the always imminent privacy legislation that’s on the docket in a dozen or so states and …

An Interview with Rachel Bernstein

An Interview with Rachel Bernstein

In civilian words, how would you describe your job? I help to make sure our customers are having the best-in-class experience with our product – fielding questions, prioritizing issues, and consulting them on all things privacy. Our solution is both complex and technical, so we want to make sure they have a thorough understanding of the product and feel supported throughout the process. Primarily, it’s about relationship-building, listening to our customers, and providing our expertise in every interaction. Internally, it’s about making sure there are strategies and processes in place for ensuring the customer lifecycle is both streamlined and effective. As a client-facing lead, I make sure Customer Success (CS) is the voice of the customer throughout Ethyca! Mentoring/coaching has …

CDPA, CCPA, And The Letter Of The Law

CDPA, CCPA, And The Letter Of The Law

Virginia’s CDPA and California’s CCPA look alike, both in their names and their overall terms. However, companies must understand where they differ in order to remain compliant and to prepare for other states’ laws. CDPA and CCPA: Siblings but not Twins On March 2, 2021, Virginia’s Consumer Data Protection Act (CDPA) became law, taking effect at the start of 2023. The second comprehensive consumer privacy law in the US, the CDPA leads a nationwide wave of state-level privacy bills. In general, the act draws heavily on the language of the California Consumer Privacy Act (CCPA). Despite similarities in their legal provisions and their acronyms, they have key distinctions in scope and enforcement. Understanding the differences between the CDPA and CCPA …