Blog

Legal articles in easy to understand language.

CISSP Certification: What it is and How to Get it

If you're a seasoned cybersecurity professional who wants to show businesses that you have the skills they need to protect critical data, then you might consider the Certified Information Security Systems Professional (CISSP) qualification. Below, we explain who the CISSP certificate is for, why it might benefit you, and how to...

Canada CTA Messaging Compliance

Businesses that use short codes to engage in Short Message Service (SMS)-based communication with Canadian residents should be aware of the Canadian Telecommunications Association's (CTA) requirements. This article explains what the CTA is, what it requires, who it applies to, and how to comply with its requirements. What is the CTA? The CTA,...

CDPSE Certification: What it is and How to Get it

Data privacy is a serious concern for all businesses. That's why there's a growing demand for cybersecurity professionals with the skills to keep data safe. Many professionals, however, lack the skills required to handle complex privacy laws or protect data from increasingly sophisticated criminals. That's where certification, or education, becomes...

Addressing Third Parties and Service Providers in a Privacy Policy

Many jurisdictions require businesses to maintain Privacy Policies that inform users how they handle their personal information. Your Privacy Policy should let users know what third parties and service providers you use and how you share users' personal information, among other information. This article explains what a Privacy Policy is, common...

The California Automatic Renewal Law: What It Means for Businesses

California's Automatic Renewal Law (ARL) regulates businesses that sell recurring membership or subscription fees. It requires businesses to clearly disclose all recurring fees and notify customers of upcoming charges. This article will explain what the ARL is, who it applies to, who is exempt from it, how to comply with it,...

Kentucky Consumer Data Protection Act (KCDPA)

The Kentucky Consumer Data Protection Act (KCDPA) was adopted on April 4, 2024 and is set to become law on January 1, 2026. This law has far-reaching implications for any business with Kentucky-based customers. It impacts what type of personal data you can process without consent, and it has a...