TrustArc + Nymity Take Center Stage at IAPP Europe Data Protection Congress in Brussels

11 25 DPC Blog

It was a busy but fantastic week for TrustArc in the Belgian capital at the annual International Association of Privacy Professionals Europe Data Protection Congress.

TrustArc began the conference with the announcement of its acquisition of privacy industry heavyweight Nymity.  The companies have joined forces to accelerate development of the next generation of technology-driven privacy solutions.  The news was received with overwhelming excitement by conference goers and news media, and will usher in incredible new content and product synergies for current and future customers.

In addition to countless conversations with friends old and new from organizations of all sizes, industries and geographies, as well as with officials from the public sector and regulatory bodies, TrustArc and Nymity also participated in the conference’s educational and information sharing efforts.  

11 25 DPC Blog HW

TrustArc SVP, Privacy Intelligence and General Counsel, Hilary Wandall, shone on the “Little Big Stage” where she unveiled the results of an IAPP-TrustArc survey report entitled “Measuring Privacy Operations in 2019.”  The survey gauged what global privacy professionals–from organizations ranging from less than 250 employees to more than 25,000 employees–have done to meet increasing data privacy compliance requirements to which their organizations are subject.  

Alongside IAPP Research Director, Caitlin Fennessy, Hilary performed a deep dive for a standing room-only audience, going over the report’s revealing findings and trends with respect to whether companies are adopting a single global privacy strategy (versus more regional or local implementations); what types of privacy impact assessments they conduct; how many privacy laws they currently must comply with; whether the companies have made any privacy-related operational changes within the last 12 months, and much more. 

11 25 DPC Blog PB

Nymity EU Operations and Strategy Director Paul Breitbarth participated on three separate panels during the conference. Paul stepped on to the Little Big Stage on Wednesday morning and explained how Nymity turns compliance data into knowledge for any team in an organisation. On Wednesday evening, Paul joined his fellow panelist to discuss “Using your Register of Processing Activities to Demonstrate Compliance.” The panel provided and examined real-world examples of the challenges faced by global organisations and what they do to overcome them. As Data Protection Congress was coming to a close, Paul joined the panel on “Artificial Intelligence: From Principles to Practice” and spoke on how companies get from overarching ethical principles to a robust legal framework.

Screen Shot 2019 11 25 at 8.56.23 AM

Darren Abernethy, TrustArc Senior Counsel, also led a session entitled “Winning with Privacy:  Implementing Consent and DSARs to Comply AND Win Customers.” The panel first overviewed the basics of digital advertising; then addressed the various “cookie”- and ePrivacy Directive-related guidances released in the last year, including by EU privacy regulators from the U.K., France, Germany and Spain; then discussed the role of third-party cookies and consent under the California Consumer Privacy Act, as well as the importance of website cookie audits (including to help make determinations as to “service provider” vs. “third party” status for vendors); and offered practical tips on how to set up compliant and responsive DSAR/individual rights programs within organizations.  

The panel spent time showing real-world examples of how cookie consent and individual rights implementations look on actual digital properties “in the wild,” providing the audience with collective insights from the panelists’ extensive experience with exactly these matters, including their use of scalable, automated technology solutions across privacy programs to account for local variations in legal requirements.

If you would like copies of slides from the above presentations, or would like to discuss how TrustArc’s Cookie Consent Manager or Individual Rights Manager may be leveraged to facilitate your company’s privacy compliance and data value maximization, we welcome you to contact TrustArc at any time for more information.

November Event Spotlight

Nov Event Spotlight

TrustArc regularly attends and hosts events around the world and online – please visit us at one or more of the following events. 


IAPP CCPA Comprehensive Live 2019
November 7
New York

The California Consumer Privacy Act will come into effect on January 1, 2020. That gives you very little time to get a lot of work done to comply with this sweeping legislation expected to carry harsh enforcement and fines.

he IAPP CCPA Comprehensive Live 2019 November 7 in New York will provide practical, in-depth CCPA-specific training presented by IAPP experts that will help operationalize your commitment to CCPA compliance.

TrustArc will be sponsoring and exhibiting at this event. Stop by the TrustArc table to say hello!

Learn more here


Privacy Insight Series Webinar
How to Comply with CCPA as Part of a Global Privacy Strategy
November 13 @ 9am PT | 12pm ET | 4pm GMT
Online Webinar

With the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other laws such as the Brazilian General Data Protection Law (LGPD), businesses must be prepared to comply with a variety of laws around the world.

Privacy is a complex, multi-level, concept which is now being regulated in more than 130 countries with more than 500 privacy laws. To be successful in complying with so many laws, businesses must develop a multi-jurisdictional approach to privacy laws that is consistent and predictable yet also not one-size-fits-all.

This webinar will help answer questions like:

  • What are the additional privacy laws outside of the GDPR and CCPA law requirements you need to be aware of?
  • How do you manage all data privacy to meet all applicable global requirements?
  • How do you implement a multi-jurisdictional custom approach to address all applicable laws and regulations?

> Register here


IAPP Europe Data Protection Congress
November 20-21

In a year of enforcement action, fines and litigation, the Congress keeps your operation a step ahead.

Europe’s top event in data protection law and policy returns to Brussels, home of the IAPP’s European headquarters, 20-21 Nov. Privacy profession will gather for wide-ranging discussions of strategic developments in regional and international data protection, plus training classes and a deep-dive workshop day preceding the main conference dates.

TrustArc Senior Counsel Darren Abernethy will be speaking on “Winning with Privacy: Implementing Consent and DSARs to Comply AND Win Customers” on 20 November at 17:00.

TrustArc will be sponsoring, speaking and exhibiting at this event. Stop by the TrustArc booth to say hello!

> Learn more here


September Event Spotlight

Sept Event Spotlight

TrustArc regularly attends and hosts events around the world and online – please visit us at one or more of the following events.


CCPA & Privacy Summit, presented by Intel®, Microsoft, IntraEdge, Truyo, TrustArc, and DLA Piper
Houston, Dallas, Costa Mesa, and Palo Alto 

An intimate series of forums to discuss the impact of the new privacy regulations and get expert help on how to operationalize your compliance.

> Request a seat by emailing Mary Anne Timothy here


IAPP Data Protection Intensive: Deutschland 2019
September 18 – September 19

Attendees will explore how to manage a privacy program, how global developments and regulations could impact your work, and hear candid discussions with German DPOs, plus federal and Bavarian DPAs. The conference will include a strong roster of expert faculty representing legal, technical, regulatory, compliance, and marketing disciplines, to address the very latest developments in data privacy taking place locally, regionally and around the world. 

TrustArc will be sponsoring and exhibiting at IAPP Data Protection Intensive. Stop by booth #6 to say hello! 

> Learn more here


TrustArc & RADAR Welcome Party during Privacy. Security. Risk. 2019 
September 23 | 6:30pm to 9:30pm
The Cosmopolitan, Las Vegas

Back by popular demand, TrustArc and RADAR are once again hosting a welcome reception at IAPP Privacy.Security.Risk 2019 in Las Vegas!

The reception will take place at the speakeasy-inspired Barbershop located within the Cosmopolitan, minutes away from the conference exhibit hall. Don’t miss this opportunity to network over a swanky cocktail at one of the hottest spots in Vegas.

> Contact your TrustArc Representative


IAPP Privacy. Security. Risk. 2019 
September 23 – September 25
Las Vegas 

The greatest data-driven products and services aren’t great until privacy is part of the equation. Come to IAPP Privacy. Security. Risk. 2019 and see how privacy and technology can work together to make innovation and data protection synonymous.

Join us in Las Vegas for a packed agenda of breakout sessions and workshops on privacy-technology convergence, insightful keynote speakers, outstanding networking opportunities, and training for career advancement. Speakers will tackle topics ranging from artificial intelligence to the Internet of things at a practical, operational level. Learn solid fundamentals such as key indicators for managing risk and conducting effective privacy impact assessments (PIAs). Move on to advanced subjects like privacy by design, artificial design, preventing “dark” data and more.

TrustArc SVP Products Michael Lin will be speaking on “Simplifying Privacy Compliance with the TrustArc Platform” on the Little Big Stage on 9/23 at 6pm. 

TrustArc SVP Privacy Intelligence and General Counsel Hilary Wandall will be speaking on “Demystifying the Role of Automated Intelligence in Privacy Management” on 9/24 at 2:45pm.

TrustArc will be sponsoring, speaking and exhibiting at Privacy. Security. Risk. 2019. Stop by booth #205 for a demo of the TrustArc Platform or schedule a demo here

> Learn more here


TrustArc Privacy Insight Series Webinar
Leveraging the Power of Automated Intelligence for Privacy Management
September 26 @ 9AM PT / 12PM ET / 4PM GMT
Online Webinar

With the increasing prevalence of privacy technology, how can the privacy industry leverage the benefits of artificial intelligence and machine learning to drive efficiencies in privacy program management? Many papers have been written on managing the potential privacy issues of automated decision-making, but far fewer on how the profession can utilize the benefits of technology to automate and simplify privacy program management.

Privacy tools are starting to leverage technology to incorporate powerful algorithms to automate repetitive, time-consuming tasks. Automation can generate significant cost and time savings, increase quality, and free up the privacy office’s limited resources to focus on more substantive and strategic work. This session will bring together expert panelists who can share examples of leveraging intelligence within a wide variety of privacy management functions.

Key takeaways from this webinar:

  • Understand the difference between artificial Intelligence, machine learning, intelligent systems and algorithms
  • Hear examples of the benefits of using intelligence to manage privacy compliance
  • Understand how to incorporate intelligence into your internal program and/or client programs to improve efficiencies

>  Register here 

TrustArc at IAPP Asia Privacy Forum – Event Recap

IAPP Asia Privacy Forum 2019 Blog

TrustArc colleagues have participated at IAPP Asia Privacy Forum since its inception in 2014, both contributing to and gaining many insights from the focus on key developments in the region and how those relate to global trends. TrustArc team members from the APAC region and U.S. headquarters attended this year’s conference as well as a number of side events. It is an exciting time for privacy in Asia and for the privacy profession, which is growing rapidly in the region. Conference attendance was more than double from the prior year with over 350 attendees from a wide variety of industries and the discussion evolving to focus on topics such as data governance, accountability, onward transfer, and localization.

The growth we are seeing in Asia is driven by individuals’ increasing confidence in using technology to engage with each other and companies, and awareness of their privacy rights.. This fact was highlighted in Raymund Enriquez Liboro’s (Philippine Privacy Commissioner) closing session keynote. He discussed how his office has received over 400 complaints over the past few months regarding a number of mobile online lending operators that contact people on an individual’s contact list if the individual fails to make their loan payment of the individual’s delinquency. It is stories such as this that show increasing use of mobile applications and other technologies to conduct transactions and awareness of privacy rights under a country’s laws.

Increasing individual awareness and use of technology puts greater responsibility on companies to ensure they have appropriate data governance controls in place. Data governance and accountability were a theme throughout many of the sessions of the conference stressing the importance of having a data governance framework in place to guide the company’s data use and management decisions, especially in the light of increased use of evolving technologies such as machine learning AI.

The other big topic addressed at the conference is the rise in localization requirements being folded into data protection laws and the impact on cross-border transfer – notably China and Singapore including localization requirements in their respective cybersecurity and data protection laws. Neither law prohibits onward transfer in the way Russia’s localization does. However, companies need to take steps to demonstrate appropriate measures are in place to either limit transfers or protections are in place such as China’s security assessment requirement to transfer personal data cross-border.

As digital services continue to grow in Asia along with individuals’ awareness of their privacy rights, data governance, accountability and the ability to demonstrate control effectiveness are going to be key priorities for companies doing business in the region.

TrustArc regularly attends and hosts events around the world and online – learn more here. 

TrustArc Sponsors and Participates at DAA Summit 19:DC

DAA Summit 2019 1

TrustArc was pleased to once again participate as a Gold sponsor in the Digital Advertising Alliance Summit–which this year returned to Washington, D.C.  

TrustArc is one of only two Approved Providers of the globally-recognized AdChoices Icon, a tool that lets consumers know and control when information about their inferred interests may be collected or used to show tailored advertising.  Hundreds of companies participate in the DAA’s YourAdChoices program, which TrustArc supports, allowing for enhanced notice and easy opt-outs from interest-based advertising.

The Summit’s first day featured a visit to Capitol Hill to share with Congresspersons and U.S. Senators the benefits of the data-driven ads ecosystem and effective self-regulation.  

Day two saw an accountability workshop focused on helping enterprise marketers and their ad partners stay abreast of legislative developments and compliance, including discussions on the California Consumer Privacy Act, malvertising/fraud, ad tech-related contracts trends, PoliticalAds and a federal privacy legislation update.  

Day three included in-depth discussions of the future of ad-supported news, the changing landscape of content and advertising, uses of data for good (e.g., helping non-profits and disaster response), algorithmic bias and over-the-top (OTT) advertising as a growing alternative to linear TV.

Darren Abernethy, TrustArc Senior Counsel, took part on a panel entitled “Brand Relevance in a Privacy-First Era.” The session focused on specifically how to think about risk and operationalize accountability as a brand, publisher, data broker or other ad tech participant.  A major premise was that an organization’s brand safety and consumer-facing reputational strength actually stems from proper privacy, data security and training practices on the backend.

Screen Shot 2019 06 10 at 12.57.17 PM

Key areas examined included:

  • Being able to demonstrate proactivity, good faith business judgment and proper data governance through the use of centralized data processing record-keeping and reporting (useful also for the C-suite, shareholders or regulators);
  • offering and regularly reinforcing granular controls to consumers rather than demanding one-time, all-or-nothing acquiescence for omni-channel marketing, cookies, etc.; and
  • developing privacy programs around a core set of controls and technology solutions that are designed to be leveraged for interoperability among global data protection laws–so that the organization need only make adjustments for local law variations, rather than “reinvent the [compliance] wheel” each time.

Other discussion points included valuing data through quantifying risk–to individuals and the organization–such as by likelihood and severity of potential harm; how to generate trust through ad tech-specific individuals rights verifications; and the significance of certifications and industry-specific codes of conduct.

To learn more about how TrustArc can help your organization with privacy compliance technology solutions, consulting or assurance programs/certifications, contact TrustArc today.

June Event Spotlight: European Data Protection Summit, DAA Summit, Infosecurity Europe, Privacy Insight Series Webinars, CCPA Workshop, and GDPR/CCPA Summit

June Event Spotlight

TrustArc regularly attends and hosts events around the world and online – please visit us at one or more of the following events.


European Data Protection Summit
June 3

Data Protection World Forum launched a new event for 2019, The European Data Protection Summit & Dinner took place on 3rd June, 2019 at a newly launched state-of-the-art event suite at 133 Houndsditch, London. This one-day event was designed to tackle the latest issues, challenges and developments that data protection, privacy and security professionals are facing in 2019. In the evening the summit transformed into an evening-dinner where attendees were able to enjoy a drinks reception, three-course meal, networking and entertainment. The European Data Protection Summit & Dinner brought together an international line-up of expert speakers who explored the latest insights and findings in data protection, governance and security.

TrustArc was a major sponsor of this event and Senior Privacy Consultant Ralph O’Brien spoke on the “What Data Are You Collecting, How Is It Stored And Used?” panel.  Ralph also spoke on the “Managing Data Flows with Third Parties” panel.

> Learn more here


DAA Summit 2019
Washington DC
June 4 – June 6

The industry has reached an inflection point. What does compliance mean when government regulation is informed by a successful self-regulatory code of conduct? DAA SUMMIT 19:DC seeks to start a conversation that will focus on answering this question and the inherent challenges for more insight into what’s next at the intersection of data, policy, and innovation. A new, holistic interplay of ideas and solutions shared between government regulation and industry self-regulation could reshape the way we create, work, and engage with our customers for decades to come.

TrustArc is a gold sponsor of the DAA Summit 2019. TrustArc Senior Counsel Darren Abernethy will be speaking on “Brand Relevance and Growth in a Privacy-First Era” on Thursday, June 6th at 11:40.

> Learn more here


Infosecurity Europe
June 4 – June 6

Infosecurity Europe is the sourcing and knowledge hub for Europe’s information and cyber security community. Featuring an interactive exhibition floor with over 400 cutting-edge suppliers, a far-reaching conference programme and a host of networking opportunities, the event brings information and cyber security to life.

Brought to you by Infosecurity Group, with over 23 years of global experience in informing, inspiring and enabling business connections in the information and cyber security industries.

TrustArc will be exhibiting at this event. Stop by stand X60 to say hello!

> Learn more here


TrustArc Privacy Insight Series Webinar
What New US State Privacy Laws Mean for your Business
June 11 @ 9AM PT | 12PM ET | 5PM GMT
Online Webinar

While the focus over the past two years has been around global privacy regulations such as the EU GDPR regulation, individual US states have been proposing — and enacting — a number of privacy-impacting laws that may affect your company in new and challenging ways. From the comprehensive California Consumer Privacy Act (CCPA) to the revisions in data breach laws in Colorado, Oregon and Vermont, it can be difficult to track these changes, and even more difficult to build a compliance program with the flexibility to adapt to the constantly changing environment.

This webinar will provide:

  • An overview of major new US state privacy laws and important pending legislation
  • An update on the discussions and atmospherics around a comprehensive US privacy law
  • Recommendations on incorporating US state privacy law compliance into a global privacy risk management program

> Register here


Wolters Kluwer and Fenwick & West Present: CCPA Workshop and Ask an Expert Special Session
Mountain View
June 13

While there has been a lot of discussion at the California Department of Justice-sponsored workshops on the nuances of the forthcoming California Consumer Privacy Act (CCPA), there are, unfortunately, more questions than answers. If that wasn’t confusing enough, now there is a looming amendment to create a private right of action for any violation of the law without a cure period.

While parts of the CCPA require you to start tracking the collection and sharing of your personal data this year (the “one-year look-back”), now is the time for action. In this unique CCPA in-person session, hear from and ask industry leaders how they are solving the 10 hardest parts of CCPA.

TrustArc SVP Privacy Intelligence and General Counsel Hilary Wandall will be a speaker at this event.

> Learn more here


TrustArc Privacy Insight Series Webinar
GDPR Compliance: Convince Customers, Partners, and The Board You Are Compliant!
June 19 @ 9AM PT | 12PM ET | 5PM GMT
Online Webinar

Many companies have invested significant time and resources trying to design and implement GDPR compliance programs. Internally, they may have generated hundreds or thousands of pages of project plans, policies, processes and reports – including records of processing, DPIA reports and much more. But how can you demonstrate to internal stakeholders, clients and partners that you have a comprehensive program and that your processes and products are GDPR-compliant?

This webinar will provide these key takeaways:

  • The current state of an official GDPR certification and codes of conduct
  • Case studies of how companies are demonstrating compliance
  • The benefits of an external third party GDPR validation

> Register here


TAG Data Governance Society presents GDPR / CCPA Summit
Roswell, GA
June 19

This premier event will provide expert guidance on the impactful GDPR/CCPA Compliance Requirements. The evening format will be a collaborative panel discussion focused on sharing knowledge/experiences/approaches, with the goal of providing the audience with tangible takeaways.

Areas of focus include GDPR and CCPA compliance knowledge sharing, insights, targeted conversations and networking opportunities with like-minded Atlanta executives.

TrustArc is a gold sponsor of this event.

> Learn more here