Data Privacy Law: A Practical Guide

WHAT DO TARGET, GOOGLE, APPLE and SAMSUNG ALL HAVE IN COMMON?

If you answered multimillion-dollar fines for data privacy violations, you’d be right.

But you don’t have to be Google to face a crippling lawsuit that could threaten the future of your business.

Second Edition released in October 2017 and written in accessible language by experienced US and internationally-qualified professionals, DATA PRIVACY LAW: A Practical Guide  (ISBN: 978-0-9995127-1-5, US$49) enables practitioners to develop a quick and comprehensive understanding of your company’s legal obligations to protect client data.

Data Privacy Law: A Practical Guide answers questions like

  • Which are the key data privacy law standard-setting bodies in the US and internationally?
  • Does cross-border selling expose you to data privacy compliance risks in foreign countries?
  • Can you effectively offload your legal responsibilities to protect customer data to outsourced third-party service providers like web hosts and payment processors?
  • How do online marketing strategies like re-targeting affect your exposure to data privacy laws?
  • What are your legal obligations after discovering a data privacy breach?
  • What legal risks are involved in Web-based file sharing services like Dropbox?
  • At what stage must you appoint a Data Protection Officer?
  • How to document your company’s compliance with its data privacy policy?
  • … and many more

CONCRETE EXAMPLES are introduced throughout the text and are annotated to illustrate the implications of applicable laws on data privacy policies.

ESSENTIAL SUMMARIES ensure that key applicable data privacy laws of the US, Canada, EU, Australia and key emerging markets, are taken into account when designing your company’s data protection policies.

We also provide specific recommended courses of action to follow to mitigate liability following a data privacy breach.

We cover both CONSUMER and COMPANY data privacy and protection rules.

If you are creating, managing or complying with data privacy policy in an organization, this book was written for you.

BUY THE eBOOK NOW

Data Privacy Law: A Practical Guide is co-written by

Gwen “Wendy” Kennedy BA, JD, LLM (Cantab). Wendy is an international attorney specializing in assisting multinational enterprises in managing their global risks, particularly in relation to compliance, data privacy, and taxation. She is a former university lecturer in international law and is a qualified attorney in the US and a solicitor in the UK.

Leighton Peter Prabhu BCom MPhil (Cantab) CA CPA. Peter is a public accountant, auditor and financial advisor who has worked with clients in more than 25 countries. Peter is particularly experienced in the cross-border e-commerce sector and has worked with both startups and some of the largest international financial institutions.

Content Overview

Chapter One provides an overview of data privacy. Answering a few of the more frequently asked questions, including, who needs a data privacy policy, what is the difference between data privacy and data security and where liability may arise. 

Chapter Two examines data privacy laws in both the U.S. and Canada. 

In Chapter Three the EU General Data Protection Regulation is introduced. The GDPR, when implemented, will be the most stringent data privacy laws in the world and will form the basic tenets for most data privacy laws around the world. 

Chapter Four outlines regional trends around the globe and discusses how data privacy laws differ from country to country, in some cases causing multijurisdictional conflicts. 

Chapter Five examines outsourcing, business-to-business (“B2B”) issues and data breach insurance. 

In Chapter Six you will find information on what to do in the case of a data privacy breach, how to prevent incidences and reduce risks. 

Chapter Seven sets out what substantive provisions should be included in a data privacy policy and how to draft a policy that conforms with the strictest data privacy laws that might be applicable to your business. It includes suggestions on how to streamline your data privacy policy to maximize the compliance in jurisdictions with less rigorous laws.

BUY THE eBOOK NOW

DATA PRIVACY LAW: A Practical Guide
Table of Contents

Preface
Content Overview
Acknowledgements
About the Authors

Chapter One: Who Needs a Data Privacy Policy?

Introduction
What is the Difference Between Data Privacy and Data Security?
Why Do Businesses Collect Personal Information?
Is the Need for a Data Privacy Policy Urgent?
Two Case Studies: Toysmart and DoubleClick
Use of Third-Party Vendors
Who’s in Charge?
What is a Data Protection Officer?
Who Needs a Data Protection Officer?

Chapter Two: Compliance with Data Privacy Laws: A Survey of U.S. and Canadian Law

Introduction
United States Data Privacy Laws
Canadian Data Privacy Laws

Chapter Three: EU Data Protection Legislation

Introduction
EU Historical Concern for Data Privacy and Protection
The General Data Protection Regulation (“GDPR”)
The Governing Principles
Data Transfers Outside the EU

Chapter Four: Regional Trends and Multijurisdictional Conflicts

Regional Trends
Multijurisdictional Conflicts in Data Privacy Laws

Chapter Five: Outsourcing

Introduction
Use of a Cloud Service Provider to Collect, Store and Transfer Information
Data Breach Insurance

Chapter Six: Responding to an Incident

Incidence Response Timing and Process
Training
Data Retention and Disposal
Enforcement Actions

Chapter Seven: The Data Privacy Policy

Introduction
What Should Be Included in a Data Privacy Policy?
Contents
Data Classification
Combining Personal Information from Multiple Sources
Collecting and Processing Personal Information
Required Provisions
Sample Privacy Policy Template

Endnotes

How to Stay Updated

Additional readings relating to data privacy from our blog