The CIPP Guide provides reliable and accurate information to the privacy professional arena. We hope individuals seeking the Certified Information Privacy Professional designation will find further substance specifically targeted at their CIPP pursuit.
Please review the user agreement for the forums and testing services.  CIPP Guide requires registration before use of the testing services.  We hope you find this service useful, and good luck on the exam!


Yik Yak App: Anonymity vs Privacy

Use of a popular app among college students has some users behind bars and others questioning how anonymous the program really is.  Yik Yak, developed in 2013, provides users a real-time feed of comments from people around them geographically.  Simply type in your cell phone number, and share thoughts, jokes, questions, etc. with those around you.  Users may also choose to search other communities to see what people are saying in other places.

However, not everyone uses the free app just for fun.  Just this month, two students at two separate universities were arrested for making racially charged threats on Yik [...]


Hacking Siri

With a simple “Hey, Siri,” iPhone users have a hands-free helper who can look up an address, call someone, or launch an application.  Android users speak to GoogleNow to check weather, traffic, or text by voice. Voice command technology makes hands-free use simple and easy, but it can leave the devices open to silent electronic warfare.  Researchers in France have demonstrated the ability to hijack phones, view contacts, post to social media, read and send emails, and even eavesdrop on conversations.  They call it “a new silent remote voice command injection technique.”


Speaking Without Saying a Word 

Someone as far away [...]


Safe Harbor Declared "Invalid"

There will be some significant changes on the horizon regarding how private information is transferred between European Union nations and the United States.  Modifying the flow of data across these international borders may have a negative impact on commerce and has the potential to affect all European technology users. On October 6, 2015, the European Court of Justice found invalid “Safe Harbor,” the framework for how United States companies transfer personal data of European Economic Area citizens.


Back to the Beginning:  The Data Protection Directive

Part of the European Union privacy and human rights law, the Data Protection Directive was adopted by [...]


TSA Sentry Locks and the Analogs with Cryptography

After several months of speculation and chatter, the pictures originally posted as part of a Washington Post article on the TSA and subsequently removed, has resulted in key templates posted on GitHub.  This example of government controlled keys aligns with the September Wired magazine article by Matt Jancer regarding TrueCrypt and how it is one of the few (Jancer suggests only) cryptographic programs provably (through the Open Crypto Audit Project) without a backdoor. Although not directly correlated at first blush, there is a significant lesson to be learned.

While there are multiple methods of creating a second entryway, including “not telling” anyone [...]


Wearing Your Heart on Your Sleeve

A growing number of self-insured employers are tying corporate wellness plans into apps that track their employees’ movements.  Looking for ways to cut the increasing costs associated with providing healthcare plans, these employers are encouraging healthy choices and accountability. Some companies are offering additional health plan choices to employees who participate in such programs.  But in participating, many workers may not realize their personal information may be at risk.


The Wearable Trend

Employees supply their own devices like smart watches, smart glasses and fitness trackers, known in the industry as “enterprise wearables,” which are then linked into an app accessible by the [...]