Privacy and Consent Management

Better Business With Smooth and Secure Onboarding Processes

In the modern world of working, organizations need to digitally verify and secure identities at scale. But traditional IAM and CIAM strategies can’t identity-proof people in a meaningful way in the digital era. Finding an automated digital identity proofing system that is passwordless…

Advanced Authorization in a Web 3.0 World

Business and just about every other kind of interaction is moving online, with billions of people, connected devices, machines, and bots sharing data via the internet. Consequently, managing who and what has access to what in what context, is extremely challenging. Business success depends…

Analyst Chat #146: Do You Still Need a VPN?

Virtual Private Networks (VPNs) are increasingly being promoted as an essential security tool for end users. This is not about the traditional access to corporate resources from insecure environments, but rather about privacy and security protection, but also about concealing one's actual…

Understanding and Managing Privileged Access to Databases and Other Data Resources

This Whitepaper analyses the issues surrounding access management, privacy, security and compliance when identities access compute and storage resources, with a special focus on database technologies commonly found in modern enterprises.

Oct 25, 2022: Advanced Authorization in a Web 3.0 World

Business and just about every other kind of interaction is moving online, with billions of people, connected devices, machines, and bots sharing data via the internet. Consequently, managing who and what has access to what in what context, is extremely challenging. Business success depends…

Oct 27, 2022: Better Business With Smooth and Secure Onboarding Processes

In the modern world of working, organizations need to digitally verify and secure identities at scale. But traditional IAM and CIAM strategies can’t identity-proof people in a meaningful way in the digital era. Finding an automated digital identity proofing system that is passwordless and…

Privacy and Data Protection

As the world becomes more digital, and the right to privacy becomes enshrined in a growing number of laws and regulations around the world, organizations increasingly have to pay attention to protecting the privacy of individuals in all their data handling and processing. In the digital…

Data Privacy Laws in the UAE

The United Arab Emirates has passed its first federal data privacy law, in force as of January 2, 2022. Aligning well with global privacy regulation best practice, the Personal Data Protection Law (PDPL) standardizes data protection for companies operating in and/or serving data subjects who…

Web 3.0 Creates a World Without Perimeters

Web and the metaverse is a trendy topic, so it is even nicer to enjoy a more nuanced view of the subject. An optimistic but still realistic sneek peak of our digital future. Katryna Dow from Meeco will elaborate on the challenges of Web3 in her Keynote The Omniverse SWOT on Thursday, May 12,…

Jul 14, 2022: You Can Only Protect and Govern the Data You Know About

Data is widely recognized as the lifeblood of the modern enterprise. However, the exponential rate at which it is being generated means that it is crucial that organizations have the capability to manage it effectively to ensure its confidentiality, integrity, and availability.

Analyst Chat #118: A first look at the new Trans-Atlantic Data Privacy Framework

On March 25th, 2022 the European Commission and the US government announced a new agreement governing the transfer of data between the EU and the US. Mike Small and Annie Bailey join Matthias to have a first look as analysts (not lawyers) at this potential milestone for data privacy…

Analyst Chat #115: From Third-Party Cookies to FLoC to Google Topics API

Online tracking is a highly visible privacy issue that a lot of people care about. Third-party cookies are most notorious for being used in cross-site tracking, retargeting, and ad-serving. Annie Bailey and Matthias sit down to discuss the most recently proposed approach called…

Analyst Chat #108: Privacy and Consent Management

"Privacy and Consent Management" is an exciting topic in a continuously changing market. Annie Bailey has just completed her latest Leadership Compass, which researches this market segment. To mark the release of this document, she joined Matthias for an Analyst Chat episode where she…

A Sovereign Cloud Is About More Than Just Privacy

Using cloud services has now become an essential component of digital transformation.  However, the dominant cloud service providers are not European and, following the recent Schrems II judgment, transferring personal data to these services has become increasingly problematic. This is…

A First End to the Schrems II Limbo

Writing about legal topics is always a challenge. I am not a lawyer, but as an analyst and advisor, however, I almost inevitably encounter the implications of laws and current case law. Thus, this text describes only a personal assessment and is not intended to be, and should not be used as,…

Analyst Chat #79: DNS and Privacy

Your DNS server knows what websites you use, what the name of your mail server is, and which corporate services you use while working from your home office. And there are even broader challenges when it comes to protecting sensitive personal data in that context. Alexei Balaganski and…

Alan Bachmann: Bringing Accountability to the Digital Identity While Preserving Privacy and Security

Frances Zelazny: The Co-Existence of Biometric Identity, Consumer Privacy, and Digital Security

Analyst Chat #70: AdTech and Future Alternatives to 3rd Party Cookies

Annie Bailey and Matthias continue their conversation around privacy, targeted marketing and the end of the era of the 3rd party cookie, that they started two weeks ago. They discuss the characteristics and the pros and cons of upcoming approaches, while this technology area is still…

Analyst Chat #68: FloC and the Death of the 3rd Party Cookie

Tracking of users via 3rd party cookies has been a constant issue regarding compliance and user privacy. This is about to change, as 3rd party cookies are being more and more blocked in browsers like Firefox and Safari. And Google has announced the same step for Chrome in upcoming…

Does Microsoft Double Key Encryption Help with Schrems II?

On July 16th, 2020 the European Court of Justice issued its decision on the adequacy of the protection provided by the EU-US Data Protection Shield for the transfer of personal data for commercial purposes by an economic operator established in an EU Member State to another economic operator…

Privacy Compliance That Empowers Instead of Hinders

Protecting user privacy has become much more complicated as of late. Organizations must optimize consent rates while ensuring compliance with ever-changing global regulations and frameworks. They must look critically at their own processes to identify gaps or failures to meet privacy…

Interview on Privacy & Consent Management (Ian Evans, Managing Director at OneTrust)

KC Analyst Anne Bailey interviews Ian Evans, Managing Director at OneTrust, about privacy and consent management.

Anne Bailey: Market Overview

John Tolbert: Methodology

John Tolbert: Topic Overview - Challenges and Trends

Anne Bailey: Core Functionalities

Analyst Chat #43: Privacy and Consent Management

Anne Bailey and Matthias Reinwarth discuss the findings of the recently published Leadership Compass on Privacy and Consent Management.

Decentralized Identity Could Become a Reality, but Blockchain May Not Be a Part of It

Decentralized Identity is a concept that may not be mainstream yet, but it is a term that embodies the sentiment that many individuals feel regarding the control they wish they had over their personal data. The public has become increasingly more vocal about the misuse of their data, and…

Nov 19, 2020: Privacy Compliance That Empowers Instead of Hinders

Protecting user privacy has become much more complicated as of late. Organizations must optimize consent rates while ensuring compliance with ever-changing global regulations and frameworks. They must look critically at their own processes to identify gaps or failures to meet privacy…

Analyst Chat #30: Consent Management Done Right

Graham Williamson and Matthias Reinwarth talk about consent: what does it mean for identity professionals, service providers or lawyers and how to reconcile all those different views in modern IAM environments.

Digital Identities & Healthcare IAM: Balancing Efficiency in Clinical Workflows and the Need for Security & Privacy

IAM infrastructure is becoming increasingly critical to the business success of healthcare providers. This is driven in the first instance by digitization and connectivity of everything and the inevitable efforts of cyber-criminals to compromise the newly connected assets. At the same time,…

CoronaApp: Time to Act Now, Not to Talk

Kuppingercole's Principal Analyst Martin Kuppinger gives his opinion on problems and arguments surrounding various apps for tracking the spread of the virus. And privacy is not the biggest challenge here... You can watch his speech in English or in German below.

CoronaApp: Time to Act Now, Not to Talk

Kuppingercole's Principal Analyst Martin Kuppinger gives his opinion on problems and arguments surrounding various apps for tracking the spread of the virus. And privacy is not the biggest challenge here...

COVID-19 Contact Tracing: Privacy Is not the only Challenge

In the UK there are plans to use a mobile ‘phone app to trace people who have been in contact with someone who has COVID-19 to warn them to go into quarantine in order to slow the spread of the virus. This approach is reported to have been successful in other countries, but it has…

Sep 13 - 16, 2021: European Identity and Cloud Conference 2021

The European Identity and Cloud Conference returns fully digitalized, reacting to the global pandemic. We have collected a lot of experience in virtual conferencing throughout 2020 to be able to offer you a safe and hygienic event experience – on-site, virtual, and hybrid.

May 07, 2020: Digital Identities & Healthcare IAM: Balancing Efficiency in Clinical Workflows and the Need for Security & Privacy

IAM infrastructure is becoming increasingly critical to the business success of healthcare providers. This is driven in the first instance by digitization and connectivity of everything and the inevitable efforts of cyber-criminals to compromise the newly connected assets. At the same time,…

Applying the Information Protection Life Cycle and Framework to CCPA

The California Consumer Privacy Act (CCPA) became effective on January 1, 2020. Enforcement is slated to start by July 1, 2020. CCPA is complex regulation which does bear some similarities with EU GDPR. For more information on how CCPA and GDPR compare, see our webinar. Both regulations deal…