BBB National Programs Press Releases

  • The GDPR and Privacy Shield: Two Important Links in Your Privacy Compliance Chain

    by Cobun Keegan

    As of May 25, 2018, the EU’s General Data Protection Regulation (GDPR) is in full force. Over the past few months, we have seen companies around the world ramping up their data privacy efforts to meet the requirements of this important regulation. In the United States these efforts are often coupled with curiosity about how GDPR relates to the EU-US Privacy Shield agreement. From companies that already participate in Privacy Shield to those that are looking to add participation as part of their compliance efforts, many have questions about how Privacy Shield relates to their GDPR compliance obligations.

  • From Global Atlanta - GDPR is Coming: If You’re Selling to EU Citizens, Here’s How to Be Prepared

    Check out this informative interview with Isabelle Roccia, Commercial Specialist at the U.S. Mission to the European Union located in Belgiumwho recently was a panelist on our webinar "Countdown to EU Compliance: Tips to Navigate the GDPR"

  • EU Privacy Shield Year In Review: 2017

    by Bryant Fry

    The first full year of the new Privacy Shield Frameworks was a success for the BBB EU Privacy Shield (BBB EUPS) program, its participants, and EU consumers alike. Reflecting on the progress we have made, and looking forward to the future, we have collected some of the significant developments and accomplishments in this year-in-review blog post.

  • From the Hunton & Williams Blog - U.S. Department of Commerce Posts Update of Actions to Support the Privacy Shield Frameworks

    On March 26, 2018, the U.S. Department of Commerce posted an update on the actions it has taken between January 2017 and March 2018 to support the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks (collectively, the “Privacy Shield”). The update details measures taken in support of commercial and national security issues relating to the Privacy Shield.

  • The State of Small Business Cybersecurity in North America

    Small business owners know they are at risk for cyberattacks, but they are somewhat at a loss as to what to do. That’s one of the findings of a new report from the Better Business BureauThe State of Small Business Cybersecurity in North America. One of the more troubling findings is that half of small businesses reported they could remain profitable for only one month if they lost essential data.

    “Profitability is the ultimate test of risk,” said Bill Fanelli, CISSP, chief security officer for the Council of Better Business Bureaus and one of the authors of the report. “It’s alarming to think that half of small businesses could be at that much risk just a short time after a cybersecurity incident.”

  • From the Hunton & Williams Blog - CIPL and AvePoint Release Second Global GDPR Readiness Report

    On March 26, 2018, the Centre for Information Policy Leadership at Hunton & Williams LLP and AvePoint released its second Global GDPR Readiness Report (the “Report”), detailing the results of a joint global survey launched in July 2017 concerning organizational preparedness for implementing the EU General Data Protection Regulation (“GDPR”). The Report tracks the GDPR implementation efforts of over 235 multinational organizations, and builds on the findings of the first Global GDPR Readiness Report by providing insights on key changes in readiness levels from 2016 to 2017.

  • BBB EU Privacy Shield Director Speaks at First Annual Privacy Shield Review


    by Bryant Fry

    On September 18, 2017, the European Commission (“Commission”) and U.S. Department of Commerce (“Department”) kicked off their first annual joint review of the EU-U.S. Privacy Shield Framework (“Privacy Shield”) about one year after its launch in July 2016.  To aid in the review, the Department invited representatives of two independent recourse mechanisms, including CBBB Vice President and BBB EU Privacy Shield Director Frances J. Henderson, to speak about their experiences and those of their participating companies during the first year of the Privacy Shield.

  • From IAPP - What does territorial scope mean under the GDPR?

    Determining an organization’s applicability under the General Data Protection Regulation is a complex topic, and many are left a bit confused  while researching applicability under the monumental regulation. Oftentimes, there’s conflicting information as to whether it applies to a specific organization. The expansive coverage of the GDPR by itself can intimidating, but, by breaking down the fundamentals into smaller, more manageable sections, we can start making better decisions on its applicability and craft a compliance framework based on a solid foundation.

  • From IAPP - Operational Impacts of GDPR

    The new General Data Protection Regulation (GDPR), put forth by the European Commission in 2012 and finally generally agreed upon by the European Parliament and Council in December 2016, is set to replace the Data Protection Directive 95/46/ec. Although many companies have already adopted privacy processes and procedures consistent with the Directive, the GDPR contains a number of new protections for EU data subjects and threatens significant fines and penalties for non-compliant data controllers and processors once it comes into force in the spring of 2018. In this 10-part series, the IAPP Westin Research Center outlines specific provisions of the regulation.

  • Leading Food companies deliver excellent compliance on their kids’ food advertising commitments