Privacy and Consent Management

A First End to the Schrems II Limbo

Writing about legal topics is always a challenge. I am not a lawyer, but as an analyst and advisor, however, I almost inevitably encounter the implications of laws and current case law. Thus, this text describes only a personal assessment and is not intended to be, and should not be used as,…

Analyst Chat #79: DNS and Privacy

Your DNS server knows what websites you use, what the name of your mail server is, and which corporate services you use while working from your home office. And there are even broader challenges when it comes to protecting sensitive personal data in that context. Alexei Balaganski and…

Alan Bachmann: Bringing Accountability to the Digital Identity While Preserving Privacy and Security

Frances Zelazny: The Co-Existence of Biometric Identity, Consumer Privacy, and Digital Security

Analyst Chat #70: AdTech and Future Alternatives to 3rd Party Cookies

Annie Bailey and Matthias continue their conversation around privacy, targeted marketing and the end of the era of the 3rd party cookie, that they started two weeks ago. They discuss the characteristics and the pros and cons of upcoming approaches, while this technology area is still…

Analyst Chat #68: FloC and the Death of the 3rd Party Cookie

Tracking of users via 3rd party cookies has been a constant issue regarding compliance and user privacy. This is about to change, as 3rd party cookies are being more and more blocked in browsers like Firefox and Safari. And Google has announced the same step for Chrome in upcoming…

Does Microsoft Double Key Encryption Help with Schrems II?

On July 16th, 2020 the European Court of Justice issued its decision on the adequacy of the protection provided by the EU-US Data Protection Shield for the transfer of personal data for commercial purposes by an economic operator established in an EU Member State to another economic operator…

Privacy Compliance That Empowers Instead of Hinders

Protecting user privacy has become much more complicated as of late. Organizations must optimize consent rates while ensuring compliance with ever-changing global regulations and frameworks. They must look critically at their own processes to identify gaps or failures to meet privacy…

Interview on Privacy & Consent Management (Ian Evans, Managing Director at OneTrust)

KC Analyst Anne Bailey interviews Ian Evans, Managing Director at OneTrust, about privacy and consent management.

Anne Bailey: Market Overview

John Tolbert: Methodology

Anne Bailey: Core Functionalities

John Tolbert: Topic Overview - Challenges and Trends

Analyst Chat #43: Privacy and Consent Management

Anne Bailey and Matthias Reinwarth discuss the findings of the recently published Leadership Compass on Privacy and Consent Management.

Privacy and Consent Management

This report provides an overview of the market for Privacy and Consent Management platforms and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative…

Core Features of Privacy and Consent Management Solutions

Building a trust-filled and transparent relationship with end-users depends now more than ever on Privacy and Consent Management solutions. These services accomplish many tasks such as helping organizations collect and manage consent signals provided by end-users, managing cookies and…

Decentralized Identity Could Become a Reality, but Blockchain May Not Be a Part of It

Decentralized Identity is a concept that may not be mainstream yet, but it is a term that embodies the sentiment that many individuals feel regarding the control they wish they had over their personal data. The public has become increasingly more vocal about the misuse of their data, and…

Nov 19, 2020: Privacy Compliance That Empowers Instead of Hinders

Protecting user privacy has become much more complicated as of late. Organizations must optimize consent rates while ensuring compliance with ever-changing global regulations and frameworks. They must look critically at their own processes to identify gaps or failures to meet privacy…

Analyst Chat #30: Consent Management Done Right

Graham Williamson and Matthias Reinwarth talk about consent: what does it mean for identity professionals, service providers or lawyers and how to reconcile all those different views in modern IAM environments.

Digital Identities & Healthcare IAM: Balancing Efficiency in Clinical Workflows and the Need for Security & Privacy

IAM infrastructure is becoming increasingly critical to the business success of healthcare providers. This is driven in the first instance by digitization and connectivity of everything and the inevitable efforts of cyber-criminals to compromise the newly connected assets. At the same time,…

CoronaApp: Time to Act Now, Not to Talk

Kuppingercole's Principal Analyst Martin Kuppinger gives his opinion on problems and arguments surrounding various apps for tracking the spread of the virus. And privacy is not the biggest challenge here... You can watch his speech in English or in German below.

CoronaApp: Time to Act Now, Not to Talk

Kuppingercole's Principal Analyst Martin Kuppinger gives his opinion on problems and arguments surrounding various apps for tracking the spread of the virus. And privacy is not the biggest challenge here...

COVID-19 Contact Tracing: Privacy Is not the only Challenge

In the UK there are plans to use a mobile ‘phone app to trace people who have been in contact with someone who has COVID-19 to warn them to go into quarantine in order to slow the spread of the virus. This approach is reported to have been successful in other countries, but it has…

Sep 13 - 16, 2021: European Identity and Cloud Conference 2021

The European Identity and Cloud Conference returns fully digitalized, reacting to the global pandemic. We have collected a lot of experience in virtual conferencing throughout 2020 to be able to offer you a safe and hygienic event experience – on-site, virtual, and hybrid.

May 07, 2020: Digital Identities & Healthcare IAM: Balancing Efficiency in Clinical Workflows and the Need for Security & Privacy

IAM infrastructure is becoming increasingly critical to the business success of healthcare providers. This is driven in the first instance by digitization and connectivity of everything and the inevitable efforts of cyber-criminals to compromise the newly connected assets. At the same time,…

Leadership Brief: Six Key Actions to Prepare for CCPA - 80353

From January 1st, 2020, when the California Consumer Privacy Act (CCPA) came into force, the requirements for managing personal data have changed.  This report identifies six key actions that IT needs to take to prepare for compliance.

Applying the Information Protection Life Cycle and Framework to CCPA

The California Consumer Privacy Act (CCPA) became effective on January 1, 2020. Enforcement is slated to start by July 1, 2020. CCPA is complex regulation which does bear some similarities with EU GDPR. For more information on how CCPA and GDPR compare, see our webinar. Both regulations deal…

Whitepaper: Healthcare IAM: Enhance the Clinical Workflow - 80163

The Healthcare sector faces the common challenges of all businesses today: digital transformation, cyber-security, and increasingly stringent regulations. But Healthcare also has unique challenges because clinical operations depend on continual access to customers’ most sensitive…

Executive View: Informatica Data Privacy Management - 80276

Informatica Data Privacy Management is an AI-enhanced unified data security platform for identifying, analyzing, quantifying and mitigating risk related to sensitive data to enable businesses to get the most out of company data and digital transformation processes without exposing the…

Advisory Note: Future of Identity Management - 71303

Digital identities are at the core of Digital Transformation, Information Security and Privacy, and therefore it has never been more important for enterprises to ensure they have the capability to manage identities effectively and efficiently in a rapidly changing business, regulatory and…

Oct 20 - 22, 2020: Customer Technology World 2020

Understanding your customer’s wishes and requirements and mapping them successfully with CIAM processes is the key to a successful online business. At the Customer Technology World you will learn how to create a customer-centric strategy for your digital business.

Facebook Breach Leaves Half a Billion Users Hanging on the Line

It seems that there is simply no end to a long series of Facebook’s privacy blunders. This time, a security researcher has stumbled upon an unprotected server hosting several huge databases containing phone numbers of 419 million Facebook users from different countries. Judging by the…

Is Multilayered Cyber-Defense Out Already? Against Rising Breaches and Vulnerabilities, Data-Centric Security to the Rescue!

As the growing number of high-profile data breaches indicates, even the largest companies are still struggling with implementing consistent enterprise-wide information security measures. Setting up various security tools for numerous different applications, services, and heterogeneous…

Nov 24 - 25, 2020: cybernetix.world 2020

cybernetix.world is the first decentralized event for global communities. This event offers you talks, panel discussions and workshops relevant for an enterprise executive but also for a private citizen. The event will cover all aspects of digitalization and the interaction of humans and technology.

May 23, 2019: Is Multilayered Cyber-Defense Out Already? Against Rising Breaches and Vulnerabilities, Data-Centric Security to the Rescue!

As the growing number of high-profile data breaches indicates, even the largest companies are still struggling with implementing consistent enterprise-wide information security measures. Setting up various security tools for numerous different applications, services, and heterogeneous…

Building Trust by Design

Trust has somehow become a marketing buzzword recently. There is a lot of talks about “redefining trust”, “trust technologies” or even “trustless models” (the latter is usually applied to Blockchain, of course). To me, this has always sounded……

Data Privacy & CX

Beyond the new data privacy regulations: how to improve customer understanding and the customer experience? When it comes to state-of-the-art sales and marketing, customer experience (CX) is a highly important topic. Creating and analyzing outstanding customer journeys while considering…

CCPA vs. GDPR: An Overview on Similarities and Differences

Over the last few years, the world has witnessed an increasing number of data breaches involving the credentials and PII of employees, citizens, and consumers. We've all experienced breach fatigue and/or been impacted by these losses.

CCPA: GDPR as a Catalyst for Improving Data Protection Outside the EU

It wasn't too long ago that discussions and meetings on the subject of digitization and consumer identity access management (CIAM) in an international environment became more and more controversial when it came to privacy and the personal rights of customers, employees and users. Back then…

Feb 12, 2019: CCPA vs. GDPR: An Overview on Similarities and Differences

Over the last few years, the world has witnessed an increasing number of data breaches involving the credentials and PII of employees, citizens, and consumers. We've all experienced breach fatigue and/or been impacted by these losses.

Martin Kuppinger's Top 5 IAM Topics for 2019

Where to put your focus on in 2019

Online Forms Are Out of Date – There Are New Ways to Sign Up Customers

An extreme lack of innovation has led to online forms dominating online buying for over two decades. The latest identity platforms use fast, easy, and secure technology to streamline customer sign-ups and simplify data. Today, customer experience is the main differentiator for businesses…

Oct 22 - 24, 2019: Consumer Identity World EU 2019

At the Consumer Identity World you learn how to balance the user experience, privacy, and security of your connected customer and how to enhance the customers' journey by leveraging Artificial Intelligence (AI) and Machine Learning (ML) to provide a superior and customized experience.

Sep 25 - 27, 2019: Consumer Identity World USA 2019

At the Consumer Identity World you learn how to balance the user experience, privacy, and security of your connected customer and how to enhance the customers' journey by leveraging Artificial Intelligence (AI) and Machine Learning (ML) to provide a superior and customized experience.

Another Astounding Data Breach Hits the Confidence of Customers

The dust is still setting, but the information on this case currently available, which also includes the official press release, is worrying: Just this Friday, November 30, the hotel chain Marriott International announced that it has become the target of a hacker attack. Marriott's brand…

How to Handle Consent to Be Compliant With the GDPR and the Upcoming ePrivacy Regulation

GDPR is here to stay and the new ePrivacy regulation is on the horizon, but many organizations are still not yet in full state of compliance. A core requirement for compliance with GDPR is the concept of “consent,” which is fairly new for most data controllers. Now, with the…

Consumer Identity World (CIW) USA 2018 - Report

Fall is Consumer Identity Season at KuppingerCole, just in time for holiday shopping. Last week we kicked off our 2018 tour in Seattle. The number of attendees and sponsors was well up over last year, indicating the significant increase in interest in the Consumer Identity and Access…

Nov 06, 2018: How to Handle Consent to Be Compliant With the GDPR and the Upcoming ePrivacy Regulation

GDPR is here to stay and the new ePrivacy regulation is on the horizon, but many organizations are still not yet in full state of compliance. A core requirement for compliance with GDPR is the concept of “consent,” which is fairly new for most data controllers. Now, with the GDPR regulation…

Digital Identities in the Internet of Things - Securely Manage Devices at Scale

The Internet of Things is disrupting all industries and use cases; from customer IoT, to Industrial IoT. Companies are forced to become more innovative with their products whilst their services are being, or will be, digitized. Top drivers of this digitization are eroding margins and…

Dec 18, 2018: Online Forms Are Out of Date – There Are New Ways to Sign Up Customers

An extreme lack of innovation has led to online forms dominating online buying for over two decades. The latest identity platforms use fast, easy, and secure technology to streamline customer sign-ups and simplify data.

Sep 25, 2018: Digital Identities in the Internet of Things - Securely Manage Devices at Scale

The Internet of Things is disrupting all industries and use cases; from customer IoT, to Industrial IoT. Companies are forced to become more innovative with their products whilst their services are being, or will be, digitized. Top drivers of this digitization are eroding margins and…

The Digital Transformation and the Role of the CISO

Cybersecurity needs to be at the heart of the digital transformation, but organisational models will have to evolve Cybersecurity is in the process of becoming an essential component of any organisation’s digital transformation journey. There is no way around this, especially as…

Joy Chik - Planning for Tomorrow: Connecting Identities for People, Processes, and Things

Social, economic and technological changes are creating urgent new requirements for enterprise identity that enable interconnected digital systems. These new use cases require a governance framework that is consistent, integrated and efficiently managed. It also needs to provide increased…

Dr. Torsten George - Zero Trust: Solving IT Security’s Identity Crisis

Although companies are constantly increasing their cybersecurity budgets, this does not seem to help much: each day we learn about new large-scale data breaches. Considering that over 80% of hacking-related breaches leverage compromised user credentials, it’s mindboggling why so many…

Naresh Persaud - How to Enable Trust with Interoperable & Shared Credentials

The focus of digital identity for consumers and enterprise is to remove silos, minimize redundant effort, enable better collaboration and provide a foundation for regulatory compliance. The challenge is that shared credentials for both commercial and public-sector organizations will require…

Prof. Dr. Heiko Beier - Is it Facebook's End Game? Why Social Networks as we know them Today will not Survive

The real problem behind the recent Facebook scandal is not primarily that a company like Cambridge Analytica has "gained" access to the personal information of millions of Facebook users and misused them for political manipulation. It is the business model of social networks itself: Letting…

Tim Hobbs - What Connects DevOps & IAM

IAM products are highly configurable systems tailored to the diverse needs of customer environments and applications. Modern applications require short development cycles and IAM systems that can be adjusted at the same pace. Modern data centers are configuration-driven, resilient…

Jeff Jonas - Do you Know What You Know About the Data Subject?

GDPR obligates organizations to provide data subjects with access to their personal data. To comply, companies must be able to answer a seemingly innocuous but frighteningly difficult question: What do we know about the data subject? Further, organizations must respond to Data Subject…

European Identity & Cloud Awards Ceremony

European Identity & Cloud Awards Ceremony

Martin Kuppinger - Microservices Architectures: Making IAM Hybrid

In recent times, an increasing number of vendors announced a migration of their products towards microservices architectures. Some renovate their existing on premises IAM tools, others build new solutions with a new architectural approach. Factually, the idea isn’t that new, but the…

Carmine Auletta - Identity & Digital Trust

Trust is essential for a society to function. It’s even more critical in a digital society where transactions take place between parties that can only rely on each other supplied digital Identity. eIDAS Regulation provides – for the first time – a clear, universal and…

Prof. Dr. Hans Ulrich Buhl - Unchaining Blockchain

Blockchain is much more than the technology behind its still most successful application – the Bitcoin. One of its key attributes is the immutable storage of information. Besides other applications, this enables trustful online business between two or more individuals – without…

Martin Kuppinger - The Future Model of Identity: Blockchain ID and the Digital Transformation

Distributed Ledger Technologies ("Blockchain") are the foundation for the most disruptive changes to business we are either already observing or that are on the road to becoming a reality. Based on these technologies, both new business models and fundamental changes to established models…

Lukas Praml - Your Mobile Identity: Blockchain Ain't no Swiss Army Knife

Digital identity solutions are very wide spread and everybody is using them on a day to day basis. Mainly it can be distinguished between state issued IDs/eIDs which lack usability and are therefore not as successful as hoped and self-claimed or self-established eIDs (sometimes stored in…

Ralf Oestereich - We will Disrupt You

We will Disrupt You - Are AI, Blockchain, IoT a Blessing or Curse for an Insurance Company?

Drs. Jacoba C. Sieders - Digital Identities and Blockchain: Experiments and Use Cases @ ABNAMRO

ABNAMRO runs over 30 blockchain experiments, also involving digital identity capabilities. Co-operation has been set –up across various coalitions, and use cases are running a lot wider than just the banking and payments industry. Academia, building-, and shipping industries are also…

Kim Cameron - The Laws of Identity on the Blockchain

Keynote at the European Identity & Cloud Conference 2018

Dr. Sridhar Muppidi - Identity Meets Fraud Protection to Establish Digital Trust

In this session, we will introduce a framework to establish digital trust based on capabilities from fraud protection and Identity. This will quickly and transparently establish a trusted, frictionless digital relationship for your customers, employees, and business partners. The session…

Patrick Parker - The AI and Robotic Process Automation Revolution and the Upcoming Redesign of IAM

The AI and Robotic Process Automation revolutions are in full swing with record growth in both sectors as well as an explosion of new startups in this space. Not to be left behind, existing vendors are rushing to heed the call of AI and automation by sprucing up there existing product…

Jason Rose - Realizing the full potential of Consumer Identity

Customer Experience is Everything and Everything is Digital. Digital transformation is now the center of marketing, advertising and sales strategy across every industry and region, with today’s consumers demanding a seamless and relevant experience across online and offline channels…

Jackson Shaw - Fire Safety and Cyber-Security – Smoke Detectors are Not Enough

It takes most businesses over 6 months to detect a breach on their network. And while smoke detectors are proven to halve the death rate by fire, saving thousands of lives each year, detection is sometimes too late to prevent many buildings from burning to the ground. So imagine if it…

Eve Maler - The Evolution of Identity and its Importance for our Digital Lives

Identity is as old as mankind and adapted very well to its changing environments. From a simple look that determines who you are to a high frequency of multi-factor vehicle-to-vehicle authentication in autonomous driving - with Digital Transformation, Identity in digital form has become the…

Mo Ahddoud - SGN Securing Shared Credentials at The Heart of Digital Transformation

The future of IT security will depend on CISOs who are brave enough to build a new security model that is both innovative and unconventional. Gas distribution company, SGN, is blazing a trail that every company can follow. As a UK, critical infrastructure company SGN’s cloud-first…

Christopher Spanton - Blockchain and the Business of Identity

Identity and Access Management (IAM) within an enterprise environment presents complex challenges for any business. While new technologies, such as blockchain, have the potential to help solve some of these challenges, today bringing blockchain into solution oriented discussions can merely…

May 14 - 17, 2019: European Identity & Cloud Conference 2019

Come to the place where the Digital Transformation is happening. The European Identity & Cloud Conference, held from May 14-17, 2019, offers a mixture of best practice discussions, visionary presentations, and networking opportunities with a future-oriented community. More than 950 thought…

Whitepaper: GDPR Herausforderungen mit Delphix meistern - 70368

Mit der neuen Datenschutz-Grundverordnung (GDPR) führt die EU strenge Kontrollen bezüglich der Verarbeitung personenbezogener Daten von EU-Bürgern sowie hohe Geldstrafen bei Nicht-Einhaltung eben dieser ein. Die Compliance der Grundverordnung erfordert kostenintensive…

Whitepaper: Meeting GDPR Challenges with Delphix - 70368

GDPR introduces stringent controls over the processing of PII relating to people resident in the EU with high penalties for non-compliance.  Compliance requires costly controls that can be justified for processing of PII with direct business benefits.  However, using PII for…