The CIPP Guide provides reliable and accurate information to the privacy professional arena. We hope individuals seeking the Certified Information Privacy Professional designation will find further substance specifically targeted at their CIPP pursuit.
Please review the user agreement for the forums and testing services.  CIPP Guide requires registration before use of the testing services.  We hope you find this service useful, and good luck on the exam!


TSA Sentry Locks and the Analogs with Cryptography

After several months of speculation and chatter, the pictures originally posted as part of a Washington Post article on the TSA and subsequently removed, has resulted in key templates posted on GitHub.  This example of government controlled keys aligns with the September Wired magazine article by Matt Jancer regarding TrueCrypt and how it is one of the few (Jancer suggests only) cryptographic programs provably (through the Open Crypto Audit Project) without a backdoor. Although not directly correlated at first blush, there is a significant lesson to be learned.

While there are multiple methods of creating a second entryway, including “not telling” anyone [...]


Wearing Your Heart on Your Sleeve

A growing number of self-insured employers are tying corporate wellness plans into apps that track their employees’ movements.  Looking for ways to cut the increasing costs associated with providing healthcare plans, these employers are encouraging healthy choices and accountability. Some companies are offering additional health plan choices to employees who participate in such programs.  But in participating, many workers may not realize their personal information may be at risk.


The Wearable Trend

Employees supply their own devices like smart watches, smart glasses and fitness trackers, known in the industry as “enterprise wearables,” which are then linked into an app accessible by the [...]


Ok, Google - Is it Ok?

“Dear Maintainer,

 After upgrading chromium to 43, I noticed that when it is running and immediately after the machine is on-line it silently starts downloading “Chrome Hotword Shared Module” extension, which contains a binary without source code. There seems no opt-out config. “

Web OS Chromium users, like the one who posted in a message board above, recently discovered a hidden code with the ability to record and transmit audio picked up by their computers’ microphones without consent.  A search function called “Ok Google” allows users to search, map, and set reminders by simply saying aloud “Ok Google” and then stating their [...]


eHealth Cards: Digital Health Records in Germany

Doctors throughout Germany will soon have instant, digital access to their patients’ records. German lawmakers passed a measure in July 2015 mandating the use of electronic health (eHealth) cards beginning in 2018 allowing doctors a wider view of patients’ records.  One of the reasons for this move is the German government’s aim to decrease the cost of healthcare across the nation and improve data sharing across different IT systems.

Currenty, the eHealth cards contain a patient’s name, address, birthdate, health care number, and a photo of the patient.  Under the new system starting in 2018, doctors will be compensated by the [...]


Facebook Loses Appeal

An appeals court in New York affectively changed the status of Facebook’s attempt to contest search warrants on behalf of its customers. The social media giant, founded in 2004, lost an appeal in a Manhattan courtroom on Tuesday in a decision highly anticipated by privacy advocates.

Facebook argued that in storing their customers’ photos and files, they have a right to challenge search warrants they deem unnecessary. Since Facebook would have to perform the task of searching for and delivering the information to law enforcement, the company reasoned these are unlike traditional warrants where police search a home, office, or other [...]