This post was co-authored by Tatiana Segura Rey and Stephan Geering, two of Blackboard’s leading privacy experts.
Today is International Data Privacy Day (or “Data Protection Day” in Europe). It is meant to raise awareness and promote data privacy best practices. As we recognize Data Privacy Day 2021, let’s take some time to reflect on the impact COVID-19 has had in data privacy matters around the world, our main accomplishments of 2020, and our plans for 2021.
As with most things, COVID-19 has had an impact on data privacy worldwide. Virtual collaboration tools were rapidly adopted for work, education, and personal use, placing them under the spotlight of users and regulators. To help our clients with their collaborative tools assessment, we published a Blackboard Collaborate Data Privacy White Paper.
Also, the rapid shift to remote work forced companies to adopt security measures to better ensure that employees working from home had appropriate security protections that met both internal security requirements and applicable privacy laws. At Blackboard, we have always had a large number of our employees working remotely and we were therefore well prepared for the security requirements of remote working.
Besides adjusting to these changes, the data privacy world also faced some very important changes and challenges during 2020 as a result of judicial decisions, new national laws coming into effect, and new guidelines and recommendations from different data privacy authorities across the world.
In Europe, the Court of Justice of the European Union invalidated the EU-U.S. Privacy Shield data transfer framework in July 2020. This forced organizations around the world to react quickly and adopt new data transfer mechanisms. We quickly provided our existing clients with contract amendments to include Standard Contractual Clauses (“SCCs”) as the appropriate transfer mechanism and included them for our new clients to help them with their General Data Protection Regulation (“GDPR”) compliance. We are also supporting our clients in South Africa with the implementation of the Protection of Personal Information Act (“POPIA”) and our clients in Brazil with the implementation of the Brazilian General Data Protection Law (“LGPD”). As part of these efforts, our new clients around the world now benefit from our global data processing addendum that uses the high standards of the EU GDPR, the California Consumer Privacy Act (“CCPA”), and the LGDP. We are working with our existing clients to help them comply with these new regulations.
We ended 2020 on a high note by opting into the Student Privacy Pledge 2020, which is focused on protection of privacy of K-12 students. This Student Privacy Pledge is the updated version of the Legacy Pledge, of which Blackboard was a proud signatory. This updated version kept the core commitments of the Legacy Pledge but has been updated to better align with state and federal privacy laws and broaden the scope of protected data.
We are sure 2021 is going to be a very interesting and fluid year for data privacy matters around the world. In the EU, regulators are expected to provide more guidance on how to handle data transfers following the drafts recommendations that were published at the end of 2020 by the European Data Protection Board and the European Commission, and legislatures and governments in California, Canada, India, and China have been discussing or have recently approved new privacy laws. With a new administration in the US, we may also see some advances for a federal data privacy bill. We will continue to further strengthen our data privacy practices and will, amongst other things, publish our first transparency report on government data requests this year.
As we wait to see what 2021 brings, we wish you a Happy Data Privacy Day! Don’t forget to visit our Community Page for all data privacy updates.