Download free GDPR compliance checklist!

Tag Archives for " privacy "

Instant Messaging Apps that values Privacy and Security

There have been mixed emotions and voices with regards to the privacy and safety of users’ data on platforms owned by Mark Zuckerberg – especially WhatsApp and Facebook.

A recent update to WhatsApp’s privacy policy states that that all the Metadata of its users can be shared with other apps – meaning that WhatsApp will monitor a user’s online activity, save for the conversations which are end-to-end encrypted. 

Continue reading »

Data Protection Day 2020

On 26 April 2006 the Council of Europe decided to launch a Data Protection Day to be celebrated each year on 28 January, the date on which the Council of Europe?s data protection convention, known as ?Convention 108?, was opened for signature. That was first legally binding international law in the field of data protection. Data Protection Day is now celebrated globally and is called Privacy Day outside Europe.

Continue reading »

COPPA Compliance ? Steps by Companies to Protect Children?s Privacy

The Children?s Online Privacy Protection Act (COPPA) is a law created by the Federal Trade Commission to protect the privacy of children, specifically those under the age of 13. This legislation mainly requires parental consent for the collection or use of personal information of children and then outlines the responsibility of companies and websites in order to best protect these children.

The law was passed to address the growth of online marketing techniques that targeted children due to their lack of understanding of the potential negative outcomes of revealing their personal information online. In order to comply with COPPA and rightfully protect children?s personal information, companies are held to high standards in their practices. If your company falls under the scope of COPPA, the following steps will help you comply with this federal law.?

1. Clearly Display Parental Consent Options.?

Parental consent is necessary if your site engages with users under the age of 13 who may share their real identity with other users. In order to provide this consent, parents must submit a signed consent form, make a monetary transaction, call a toll-free phone number, or show identification to the company. Make these options easily accessible for the parent on the company?s website or app. Clear displays of this compliance will ensure your company is following COPPA law. 

2. Implement Information Security Procedures.?

COPPA mandates that organizations implement and maintain information security procedures in order to carry out its laws. Some steps towards these secure procedures include ensuring that third parties to whom children?s personal information is released also have the capacity to maintain the security and confidentiality of this information. Your company might have the means to protect this data but ensuring that the entities the information is shared with are also capable of this level of protection is vital. 

3. Securely Dispose of Unnecessary Data.?

If your company does not need to retain certain personal information, security procedures for properly disposing of this data are crucial. Personal information should only be retained for as long as reasonably necessary, and once said data is not needed, it should be properly disposed of. Unsecure disposals of information which are then attained by other entities could lead authorities back to your company, and ultimately your company may be deemed non-compliant with COPPA. If possible, minimize the amount of personal information collected to avoid problems like these. 

3. Honor Parents? Rights Regarding Their Children?s Information.?

Even if you have the parent?s consent, it is still important to recognize that they have ongoing rights to their children?s information. If a parent asks a company to do so, the company must allow them to review the personal information collected, provide them a way to revoke their consent, and delete their child?s personal information upon request. COPPA provides extensive protection for children and their parents and allows for revocation of consent no matter when or how the consent was originally provided. No data collected is as important as maintaining a good relationship with consumers and adhering to COPPA.  

COPPA is intent on protecting children under the age of 13 and will certainly crack down on companies who do not implement or maintain procedures to comply with the law. These 4 steps will go a long way towards preventing your company from violating COPPA and towards helping you protect children.??


At oneDPO, we solve privacy engineering problems and help companies approach privacy the right way. Currently, we provide tools to help Data Protection Officers (DPOs) handle Data Subject Requests (DSARs) at scale.

Personal Data Sharing: Are We Really in Control?

The latest controversy surrounding personal data and how it?s shared has served as a tremendous eye opener regarding how much control we really have over our personal data online. We would like to think that the implementation of the GDPR earlier this year would tip the balance in our favor?but instead, the situation is foggier than ever, and the struggle over the control of our data is only just beginning.

Continue reading »

What can we learn from Google €50 million fine?

On 21 January 2019, French data protection authority Commission Nationale de l?Informatique et des Libert?s (CNIL) imposed a penalty in amount of ?50 million onGoogle?s U.S. headquarters ? Google LLC ? for infringements of General Data Protection Regulation (GDPR). Specifically, for lack of transparency, inadequate information and lack of valid consent regarding the ads personalization.

Continue reading »

Happy Data Protection Day!

Today is international Data Protection Day. Yes, that?s official day! Data Protection Day, or as it is called outside Europe ? Privacy Day, is celebrated each January 28th already since 2007.

Continue reading »