US legal eagle: Well done, you bought privacy compliance tools. Doesn’t mean you comply with anything
Much-lauded privacy laws risk being undermined as compliance is outsourced to tech vendors and “toothless trainings, audits and paper trails” are confused for genuine protections, a New York Law School professor has said.
In a paper in the Washington Law Review, published online last week, Ari Ezra Waldman argued that recently strengthened privacy laws actually offer “false promises” for consumers.
He said that laws like the European Union’s GDPR or California’s state privacy rules are failing to deliver on their promised protections partly because of the “booming market” in tech vendors hawking privacy compliance tools.
“The responsibility for fulfilling legal obligations is being outsourced to engineers at third-party technology vendors who see privacy law through a corporate, rather than substantive, lens,” he wrote.
“Toothless trainings, audits, and paper trails, among other symbols, are being confused for actual adherence to privacy law, which has the effect of undermining the promise of greater privacy protection for consumers.” ..Read More..