WHAT DO TARGET, GOOGLE, APPLE and SAMSUNG ALL HAVE IN COMMON?
If you answered multimillion-dollar fines for data privacy violations, you’d be right.
But you don’t have to be Google to face a crippling lawsuit that could threaten the future of your business.
Second Edition released in October 2017 and written in accessible language by experienced US and internationally-qualified professionals, DATA PRIVACY LAW: A Practical Guide (ISBN: 978-0-9995127-1-5, US$49) enables practitioners to develop a quick and comprehensive understanding of your company’s legal obligations to protect client data.
Data Privacy Law: A Practical Guide answers questions like
- Which are the key data privacy law standard-setting bodies in the US and internationally?
- Does cross-border selling expose you to data privacy compliance risks in foreign countries?
- Can you effectively offload your legal responsibilities to protect customer data to outsourced third-party service providers like web hosts and payment processors?
- How do online marketing strategies like re-targeting affect your exposure to data privacy laws?
- What are your legal obligations after discovering a data privacy breach?
- What legal risks are involved in Web-based file sharing services like Dropbox?
- At what stage must you appoint a Data Protection Officer?
- … and many more
CONCRETE EXAMPLES are introduced throughout the text and are annotated to illustrate the implications of applicable laws on data privacy policies.
ESSENTIAL SUMMARIES ensure that key applicable data privacy laws of the US, Canada, EU, Australia and key emerging markets, are taken into account when designing your company’s data protection policies.
We also provide specific recommended courses of action to follow to mitigate liability following a data privacy breach.
We cover both CONSUMER and COMPANY data privacy and protection rules.
Data Privacy Law: A Practical Guide is co-written by
Gwen “Wendy” Kennedy BA, JD, LLM (Cantab). Wendy is an international attorney specializing in assisting multinational enterprises in managing their global risks, particularly in relation to compliance, data privacy, and taxation. She is a former university lecturer in international law and is a qualified attorney in the US and a solicitor in the UK.
Leighton Peter Prabhu BCom MPhil (Cantab) CA CPA. Peter is a public accountant, auditor and financial advisor who has worked with clients in more than 25 countries. Peter is particularly experienced in the cross-border e-commerce sector and has worked with both startups and some of the largest international financial institutions.
Chapter Two examines data privacy laws in both the U.S. and Canada.
In Chapter Three the EU General Data Protection Regulation is introduced. The GDPR, when implemented, will be the most stringent data privacy laws in the world and will form the basic tenets for most data privacy laws around the world.
Chapter Four outlines regional trends around the globe and discusses how data privacy laws differ from country to country, in some cases causing multijurisdictional conflicts.
Chapter Five examines outsourcing, business-to-business (“B2B”) issues and data breach insurance.
In Chapter Six you will find information on what to do in the case of a data privacy breach, how to prevent incidences and reduce risks.
DATA PRIVACY LAW: A Practical Guide
Table of Contents
About the Authors
What is the Difference Between Data Privacy and Data Security?
Why Do Businesses Collect Personal Information?
Two Case Studies: Toysmart and DoubleClick
Use of Third-Party Vendors
Who’s in Charge?
What is a Data Protection Officer?
Who Needs a Data Protection Officer?
Chapter Two: Compliance with Data Privacy Laws: A Survey of U.S. and Canadian Law
United States Data Privacy Laws
Canadian Data Privacy Laws
Chapter Three: EU Data Protection Legislation
EU Historical Concern for Data Privacy and Protection
The General Data Protection Regulation (“GDPR”)
The Governing Principles
Data Transfers Outside the EU
Chapter Four: Regional Trends and Multijurisdictional Conflicts
Multijurisdictional Conflicts in Data Privacy Laws
Chapter Five: Outsourcing
Use of a Cloud Service Provider to Collect, Store and Transfer Information
Data Breach Insurance
Chapter Six: Responding to an Incident
Incidence Response Timing and Process
Data Retention and Disposal
Combining Personal Information from Multiple Sources
Collecting and Processing Personal Information
How to Stay Updated
Additional readings relating to data privacy from our blog
- How do Changes to UK Consumer Law Affect E-commerce Businesses?
- Outsourcing Data Management: The Risk
- Google Facing Lawsuit for Scanning Data of Students
- Employees Need to Understand Data Security Risks
- France is finished with Big Data Privacy Violations
- New Australian Privacy Laws for Businesses: The Highlights
- Data Protection: Where does “Processing” Occur?
- A Presumption of Consent – The Cookie Conundrum
- What Can Be Learned from Google’s Missteps
- U.S. FTC Cracks Down on Customer Data Privacy Violations
- Data Privacy and Consumer Analytics
- You Don’t Need to be Target to Get Sued Over Data Privacy Violations
- 2014: Data Privacy and a Big Boon for EU Companies
- Data Privacy in the Cloud
- Should Marketing Companies Pay for the Right to Use Personal Information?
- Does One Size Fit All? Data Privacy Considerations in Global Transactions