iapp.org

EU cybersecurity reboot: Practical impacts of the proposed NIS2 and CSA2 reforms

Cybersecurity law is no longer treated as a purely technical compliance exercise, but increasingly as a matter of enterprise risk management and corporate governance. The goals are straightforward: ...
iapp.org

IAPP updates its US state breach notice resource

The IAPP just updated its chart outlining the state data breach notification laws in the United States. Some interesting comparisons and observations emerge. Sending notices to consumers when their ...
iapp.org

Notes from the IAPP Europe: Digital Omnibus package developments, end to voluntary CSAM detection and more

The IAPP is policy neutral. We publish contributed opinion pieces to enable our members to hear a broad spectrum of views in our domains. March ends with the beginning of the next stage in the ...
iapp.org

Thought for the week: President Trump's Cyber Strategy for America, a baseline quietly reset

How President Trump's Cyber Strategy for America reflects a quiet reset of the baseline for U.S. government plans to use defensive and offensive cyber capabilities to protect U.S. companies. The IAPP ...
iapp.org

Digital governance in 2026: Entropy and regulatory complexity

Take part in this year's IAPP Governance Survey to share your experience and receive actionable insights you can use in your day-to-day role. This year's survey looks at privacy governance, compliance ...
iapp.org

Trans-Atlantic data flows, the CBPR and AI: A conversation with the International Trade Administration's Bill Guidera

IAPP Editorial Director Jedidiah Bracy caught up with ITA's Bill Guidera to discuss how the DPF is faring, the Latombe legal challenge to the framework and more. The complexity and significance of ...
iapp.org

NetChoice v. Fitch: Round two and consequences for online anonymity

The IAPP is policy neutral. We publish contributed opinion pieces to enable our members to hear a broad spectrum of views in our domains. In early February, the U.S. Court of Appeals for the Fifth ...
iapp.org

A practical roadmap: Conducting personal information protection compliance audits under China's PIPL

Organizations are increasingly expected to demonstrate a defensible scope, an evidence trail and a remediation plan under requirements to audit personal information processing for legal compliance ...
iapp.org

IAPP organizational membership

No matter where your enterprise fits in the digital responsibility landscape, there is an IAPP membership that meets your needs. Transform your organization and unlock your company’s potential with ...
iapp.org

Privacy Governance Report 2024

Take part in this year’s IAPP Governance Survey to share your experience and receive actionable insights you can use in your day-to-day role. This year’s survey looks at privacy governance, compliance ...
iapp.org

Making AI work for privacy: How to scale privacy operations with secure AI

In 2026, privacy regulations are multiplying, enforcement risk is rising and headcount growth remains constrained — all while AI capabilities continue to mature. For privacy leaders, the question is ...
iapp.org

How a hybrid approach to AI sovereignty is shaping EU digital policy

In response to the Draghi report, weakened transatlantic cooperation and an AI arms race between the U.S. and China, the EU has been working fastidiously to bolster its technological independence. As ...