iapp.org

The Modern Sword of Damocles: Risks and Rewards of AR glasses

The ancient Greek parable of the sword of Damocles features Dionysius II, the despotic king whose wealth and power are overshadowed by his fear of capital retribution from his citizenry. One day, a ...
iapp.org

Data protection and privacy laws now in effect in 144 countries

The Modern Sword of Damocles: Risks and Rewards of AR glasses Thought for the week: Lessons learned from $2.75M CCPA settlement The IAPP Research and Insights team ...
iapp.org

AI Governance Vendor Report 2026

As organizations deepen their adoption of artificial intelligence, the need for clear and operational governance structures has never been more important. A continual theme from our ongoing AI ...
iapp.org

EU Digital Omnibus amendments to GDPR to facilitate AI training miss the mark

Editor's note: The IAPP is policy neutral. We publish contributed opinion pieces to enable our members to hear a broad spectrum of views in our domains. There are two proposed provisions in the EU ...
iapp.org

CJEU rules Meta can challenge EDPB's binding WhatsApp decision

In a significant development for the EU data protection enforcement landscape, the Court of Justice of the European Union ruled Meta can continue its litigation against the European Data Protection ...
iapp.org

Navigating the ICO’s Next Chapter: A Fireside Chat with Paul Arnold

The Data Use and Access Act 2025 will re-constitute the ICO. The ICO will no longer be a “corporation sole” (all powers vested in one person) but will be set up as a new legal entity. ICO is already ...
iapp.org

AI governance in the agentic era

This article is part of the Global AI Governance Law and Policy: Jurisdiction Overviews 2025 series, which is co-sponsored by HCLTech. The full series analyzes the laws, policies, and broader ...
iapp.org

Opting In-n-Out: Five key analyses for adtech privacy law compliance

Media companies and online businesses must comply with abundant diverging privacy and data protection law requirements across jurisdictions. With respect to targeted advertising, companies face ...
iapp.org

Iowa becomes sixth US state to enact comprehensive consumer privacy legislation

The ongoing efforts across Europe to combat explicit deepfakes, CSAM Notes from the IAPP Canada: Sensitive information, now with brainwaves Like the other state laws before it, the Iowa privacy law ...
iapp.org

Transfer Impact Assessment Templates

These templates were published to assist privacy professionals in conducting TIAs. The IAPP does not endorse any specific template. We welcome additional templates that can be shared with the privacy ...
iapp.org

How GDPR changes the rules for research

The General Data Protection Regulation (GDPR) will come into effect in the spring of 2018, replacing the Data Protection Directive 95/46/EC and imposing new obligations on organizations that process ...
iapp.org

California attorney general announces first CCPA enforcement action

There's been plenty of bark with California Consumer Privacy Act enforcement since the law entered into force January 2020 and now the bite has arrived. California ...