Get all the latest from Syrenis

See what we've been talking about in our latest blogs, supported by our global partners

A quick comparative survey of Quebec’s proposed privacy legislation

A quick comparative survey of Quebec’s proposed privacy legislation

On June 12, 2020, Quebec tabled its proposed update to its public and private sector privacy laws, and it lives up to the promise of the “GDPR-style legislation” first announced this spring. There are a number of elements that echo other federal and provincial privacy laws in Canada, but there is a very strong European flavour.

Defensive or offensive, every strategy must start with trust

Defensive or offensive, every strategy must start with trust

As digital transformation becomes mainstream, digitization is no longer a differentiating advantage. Enterprises must answer to a new set of expectations from customers, employees and business partners, and all while prioritizing compliance with tightening data regulations. To ensure they aren’t hindered by bad data – or the inability to leverage good data – companies must balance both offensive and defensive strategies.

We need to fix GDPR’s biggest failure: broken cookie notices

We need to fix GDPR’s biggest failure: broken cookie notices

The user experience of browsing the web is worse than ever. Even if you only spend a tiny amount of time online, it’s impossible to escape cookie consent notices. They’re the intrusive banners and blocks that appear each time you visit a new website that collects data about you through cookies. Each is asking the same question: will you allow this website to collect your information?

Japan enacts Amendments to the Act on the Protection of Personal Information

Japan enacts Amendments to the Act on the Protection of Personal Information

On June 5, the law amending the Act on the Protection of Personal Information was enacted. After the Cabinet order and rules of the Personal Information Protection Commission regarding the amendments are made, the new law is expected to take effect in the first half of 2022 or last quarter of 2021, although it is not clear exactly when.

Proposed CCPA would amend and strengthen existing State Privacy Laws

Proposed CCPA would amend and strengthen existing State Privacy Laws

The California Consumer Privacy Act (CCPA) is presently the strongest privacy rights act in the United States. Though it was modelled after the EU General Data Protection Regulation (GDPR) , it lacks the full spectrum of consumer protections. A proposed amendment to the 2018 ballot initiative would add some of those protections if it passes in November. Dubbed the California Privacy Rights Act (CPRA), the new bill would expand the scope of sensitive personal information, add new safeguards for minors, and establish a new independent enforcement agency among other terms.

Encryption's impact on potential liability under CCPA

Encryption's impact on potential liability under CCPA

In the last decade, California has suffered twice as many data breaches as any other state, with roughly 1,493 breaches affecting nearly 5.6 billion records. For an organization that handles the data of California consumers, adopting a robust security system is prudent.

Are IP addresses 'personal information' under CCPA?

Are IP addresses 'personal information' under CCPA?

As companies grapple with complying with the California Consumer Privacy Act, they will need to decide whether the internet protocol addresses they collect from consumers are considered “personal information” and thus within the scope of this new law. It will not be easy.

CPRA analysis: The 'good' and 'bad' news for CCPA-regulated 'businesses'

CPRA analysis: The 'good' and 'bad' news for CCPA-regulated 'businesses'

On May 4, the Californians for Consumer Privacy, led by founder Alastair Mactaggart, announced its submission to qualify the California Privacy Rights Act for the November 2020 ballot. Because of COVID-19 social distancing measures in place in California and the huge number of signatures required, the announcement surprised many political observers.

Tools for DPOs to Measure Job Efficacy and Progress

Tools for DPOs to measure job efficacy and progress

The role of Chief Data Privacy Officer (also called Data Protection Officer, CPO, or DPO) is a new but critical one for organizations who are focused on data protection and privacy. Multinational organizations may have more than one DPO who work with regional data protection authorities. As new privacy regulations appear in the US and other countries, organizations based outside of the EU have embraced this new role as well.

Grace Period for Cookies Compliance

Grace Period for Cookies Compliance

On 6 April 2020, the Data Protection Commission (DPC) published a report and separate guidance on Cookies and Other Tracking Technologies (Guidance), a key area of enforcement for the DPC. The DPC's report, which found that the majority of websites were not compliant, was based on random sweeps of websites by the DPC in a broad range of sectors including media & publishing, insurance, sport & leisure, retail, hospitality and the government sector.

Apple updates Safari’s Intelligent Tracking Prevention to block all Third-Party Cookies
The Importance of a Mature Approach to Evolving Online Privacy

The CCPA ripple effect in the enterprise: How to prepare

Data privacy is top of mind this year for many businesses. This year, security breaches have already increased by 33% and the amount of exposed records have more than doubled. Meanwhile, government-backed privacy and security regulations are requiring more transparency and enforcing higher levels of culpability from all organizations that handle data. Although the California Consumer Privacy Act (CCPA) is intended for California consumers, enterprises across the U.S. are adjusting their cybersecurity procedures and policies in anticipation of further regulations – and to avoid critical costs.

the-importance-of-a-mature-approach-to-evolving-online-privacy-thumbnail.png

The importance of a mature approach to evolving online privacy

There’s an interesting debate going on between Apple and Google. It’s focused on Apple’s Intelligent Tracking Prevention (ITP) update to its Safari web browser, which rolled out a few months ago. Designed to prevent websites from tracking consumers as they move between websites, Apple’s ITP stops certain pieces of information about site visitors from being broadcast to the other sites they visit.

Why all personal data matters when a data breach occurs

Why all personal data matters when a data breach occurs

Syrenis Founder and Product Architect, Nicky Watson, answers the question as to why it should matter to individuals when their data (and it’s generally their email) is leaked in data breaches, such as in the recent Estée Lauder breach. Well, they didn’t expose any passwords, or financial details, or anything sensitive so why would it? …

Understanding global, national and regional legislations and what to do when multiple regulations seem to apply to your organisation.

Understanding global, national and regional legislations and what to do when multiple regulations seem to apply to your organisation

Tash Whitaker, a leading Privacy Consultant, tackles the issue of global data privacy and how an organisation can comply effectively. With over 20 years of experience with Dun & Bradstreet, Cisco and Moorcrofts LLP, Tash now uses her knowledge and experience to guide organisations through their data protection journey, offering consultancy, advice, and training, as well as data protection as a service.

Introducing the Consumer Online Privacy Rights Act, a new federal privacy bill likely to spur debate and reenergize data protection discussions in Washington.

US Sens. unveil new federal privacy legislation

On Nov. 26, U.S. Sen. Maria Cantwell, D-Wash., ranking member of the Senate Committee on Commerce, Science, and Transportation, introduced the Consumer Online Privacy Rights Act, a new federal privacy bill likely to spur debate and reenergize data protection discussions in Washington.

Companies that experience a Data Breach will underperform the Stock Market over the long run
First multi-million GDPR fine in Germany

First multi-million GDPR fine in Germany

€14.5 million for not having a proper data retention schedule in place. On October 30, 2019 the Berlin Commissioner for Data Protection and Freedom of Information (Berliner Beauftragte für Datenschutz und Informationsfreiheit – Berlin DPA) issued a multi million euro fine on a German real estate company, die Deutsche Wohnen SE (Deutsche Wohnen).

Preparing for India's new data protection framework

Preparing for India's new data protection framework

The long-awaited Personal Data Protection Bill, 2018 is likely to be tabled in the upcoming winter session of Parliament. However, due to growing discontent related to proposed provisions, the Ministry of Electronics and Information Technology sought comments in August from select stakeholders.

GDPR compliance in the Middle East: What you need to know
Us Senator Introduces Privacy Bill that would Jail CEO's for User Privacy Violations

US senator introduces privacy bill that would jail CEOs for user privacy violations

Senator Wyden introduces new consumer privacy bill, named the Mind Your Own Business Act (MYOBA), that puts even the EU's GDPR to shame. The bill includes clauses that will give Americans "an easy, one-click way to stop companies from selling or sharing their personal information" and grants consumers the right to see how companies use and share their data.

Pre-Checked Cookie Consent Invalid, EU Court Rules

Pre-checked cookie consent invalid, EU Court rules

Vast numbers of websites may need a redesign, following a European ruling that bans ‘tick-box’ cookie consent. The Court of Justice of the European Union (CJEU) this morning ruled that storing cookies requires internet users’ active consent. It’s not good enough, says the CJEU, to present users with a pre-checked box and require them to click it to opt out.

Cookie Consent EU Thumbnail
Picture to do with blog title

More than 20 data breaches reported per day in first half of 2019

If data breach reports evoke a sense of déjà vu these days, it’s only because breaches have almost unfailingly kept increasing in number and becoming bigger in scope quarter after quarter, year in and year out. However, the raw numbers do not always tell the full story.

Picture to do with blog title

The GDPR paradox: how data regulation creates revenue streams

As the huge data sets that companies can now leverage become ever more integrated into consumer-facing products – and as the hype dies down following last May’s General Data Protection Regulation deadline – one could be forgiven for expecting data regulation compliance efforts to be low on the list of priorities for 2019.

Picture to do with blog title

Five data strategies for your organisation to navigate GDPR compliance

Over one year on from GDPR’s inception many businesses are struggling to implement data strategies that help them to meet this challenging regulation; however, with the potential risks and loss of customer trust that you jeopardise by not safeguarding your customers’ data, now is the time to act.

Picture to do with blog title

86% of UK's most-visited websites failing GDPR compliance tests

As many as 86 percent of the top hundred most-visited websites in the United Kingdom are not compliant with GDPR requirements, be it in terms of offering privacy policies or secure usage of cookies handling potentially sensitive data, tests carried out by ImmuniWeb have revealed.

Picture to do with blog title

Data Privacy vs Data Protection: Understanding the distinction in defending your data

Data breaches cause tremendous problems, not only for the company affected, but also for its clients. Depending on the company, stolen data can range from relatively benign information to extremely personal details. But in any case, a breach can cost a lot of money for remediation and cause significant damage to a company’s image.