Show Less
You do not have access to this content

Determann’s Field Guide to Data Privacy Law

International Corporate Compliance, Third Edition

Lothar Determann

Companies, lawyers, privacy officers and marketing and IT professionals are increasingly facing privacy issues. While information is freely available, it can be difficult to grasp a problem quickly, without getting lost in details and advocacy. This is where Determann’s Field Guide to Data Privacy Law comes into its own – identifying key issues and providing concise practical guidance for an increasingly complex field shaped by rapid change in international laws, technology and society.
Show Summary Details
This content is available to you

Table of contents

International Corporate Compliance, Third Edition

Lothar Determann

About this third edition, contributors and the author
Introduction
Key terms
Key concepts
The field: data protection, privacy and security
The territory: Europe, U.S. and ROW
The species: personal data, PII and sensitive data
Activities encountered: transfers and other forms of processing
The observed: data controllers, processors
The game wardens: data protection authorities, officers
The Field Guide
1.  Starting a compliance program
Taking charge
Working with internal stakeholders and outside advisors
Appointing a privacy officer
Preparing a task list
Executing tasks
2.  International data transfers – selecting compliance mechanisms
Three hurdles
Options to clear hurdle 3 – prohibition of international transfers
Compliance mechanisms compared
Implementation
Data transfers from other jurisdictions
3.  Drafting documentation
Why are you creating the document?
Who is your audience?
Categories and examples of documentation
Notices
Consent
How to obtain valid consent
Opt-in, out and in between
Above and beyond opt-in consent
Other considerations for consent drafting
Agreements
Protocols
Questionnaires and data submission forms
Documenting decisions and compliance efforts
Government notifications, approvals
4.  Maintaining and auditing compliance programs
5.  Data privacy A to Z
Advertising
Brexit, GDPR, ePrivacy and Privacy Shield
Cloud computing
Data retention and residency requirements
Employee data and monitoring
Financial information
Government investigations, information requests
Health information
Internet of Everything, big data and data brokers
Jurisdiction
K – Contracts
Location data
Minors
Notification of data security breaches
Ownership
Privacy by design
Questionnaires
Rights, remedies, enforcement
Social media
Tracking
Unsolicited communications (spam email, cold calls, etc.)
Vendor management
Wiretapping
X-ray, genes, fingerprints, faces – biometric data
Y – Why protect data privacy?
ZIP codes, IP addresses and other numbers
Checklist: Data privacy and security compliance program
Resources
Abbreviations
Index