GDPR. CCPA. CPRA. DPA. ASJDF. Okay, I made the last one up. Because these days, the myriad privacy regulations that in-house attorneys must be familiar with looks like alphabet soup.
EU and California are top of mind, but what about the rest of the world? The trend is clear: Privacy regulations are emerging everywhere and global businesses must pay attention beyond their own borders.
Top recommendations from in-house counsel
As an in-house counsel with slim resources, how do you keep abreast of these changes without spending a fortune?
I asked my in-house network on LinkedIn to share their secrets.
First learning: People are passionate about privacy. More than 25,000 people viewed the post (including more than 400 general counsels), and over 80 commented with their go-to resources.
Second, there are so many great resources on privacy laws and regulations that don’t charge you by the six-minute increment, or for an expensive subscription. If you’re looking for a place to start, check out the free resources below.
And if I missed your favorite resource, please find me on LinkedIn and share!
Free resources on global privacy regulations
All resources are listed in alphabetical order.
Law firm handbooks on privacy and security
Large global law firms maintain robust resources as a part of their client development efforts. If you get the call that your business wants to launch a service tomorrow in seven countries—you know, the typical run of the mill daily in-house legal request—these are a great place to start:
- Baker McKenzie’s “Global Data Privacy & Security Handbook” is a comprehensive resource and allows you to run a comparison across countries—your own global survey on specific issues for free.
- DLA Piper’s “Data Protection Laws of the World” also provides robust resources and comparison features.
- Linklater’s “Data Protected” provides resources for 50+ countries.
Another resource comes from companies that sell compliance solutions. Like law firms, these companies offer nuggets of free information before purchase. One example is OneTrust’s Data guidance.
Blogs, news sites, and enforcement trackers
Many law firms also have blogs that will push updates to you via email. Here’s a sample:
- DLA Piper “Privacy Matters”
- Kelley Drye “Ad Law Access”
- Perkins Core “Perkins on Privacy”
- Proskauer “Proskauer on Privacy”
Other sites track the latest relevant cases and regulatory enforcements:
- CMS’s “GDPR Enforcement Tracker”
- GDPRhub wiki
- Perkins Coie has a CCPA (California) enforcement tracker
Data protection webinars and podcasts
One of my favorite ways to dig into a new area are webinars (especially when they have free CLE attached). Check out:
- The Future of Privacy Forum (for both webinars and legislative resources)
- Jessica Nguyen, Lexion’s CLO, recently hosted two webinars on how to redline data processing agreements (specifically for in-house teams): “How To Redline SaaS MSAs And DPAs” and “Rumble in the Redlines: How To Redline And Negotiate DPA's For In-House Counsel”
Lastly, there are privacy podcasts to accompany you on your morning walk or commute. This is just a small sample—search for “Privacy” wherever you get your podcasts and you’ll see a number of relevant shows to try:
- IAPP: The Privacy Advisor Podcast
- ADCG on Privacy and Cybersecurity
- The Data Diva Talks Privacy
- The Privacy Beat
Stay in the loop
What resources did we miss? Let me know and we’ll update this list over time with more go-to in-house privacy reference sources.
Note that while these websites have been recommended by privacy lawyers, like anything on the internet, review free legal resources through an appropriate lens. This column isn’t legal advice and neither are these resources. For specific issues, please consult with a privacy attorney.