December 2021 Product Newsletter

Community

Did you know we have a Blog and a Privacy Hub? We share the latest news and announcements about Ethyca, data privacy landscape and regulation, as well as voices from across our community. Keep in the know by checking out our articles.

Product Updates

Detailed View of a Completed Subject Request

Ever curious to see the "who, what, when" of a completed Subject Request? You are now able to select a completed Subject Request and view informational details about that request, such as the time it was approved and fulfilled, who approved and fulfilled it, and the list of manual and automatic integrations that were accessed to complete the request.

16951695

These details becomes especially important if Manual Integrations are used to process Subject Requests. It provides more visibility into who helped process the request from your organization. For more information on what you see with this page, check out this article.

Downloading DSR and Consent Reports

Our DSR and Consent reports allow you to track subject requests and ensure compliance with the record keepings requirements of privacy regulation. You can now do a complete export of these reports and can even specify a date range to export months or years of data at a time. For more information on Reporting, check out our article on "How to run Automated Privacy Reports"

35323532

Filling out Subject Data for Manual Integration by CSVs

Some third party applications don't yet provide a programmatic way to process privacy requests for subjects, which means that you might need to manually go into that application to search for the subject and either capture their PII to include in an access request or delete their PII in the event of an erasure request. Ethyca still allows you to centralize your subject request processing all in one place by allowing you to set up a Manual Integration. Therefore, when processing an Access Request, you can simply copy and paste that subject's PII to the Subject Request Processing screens to include in the same Download Package that Ethyca delivers on your behalf. You can now import subject data from a CSV file instead of inputting that data into each PII category manually. To learn more about this, check out our section on how to process an access request using a Manual Integration.

916916

Privacy Actions to Display

Ready to intake Consent values from Subjects, but haven't fully configured your integrations for processing Download or Deletion requests? Well, now you can configure which privacy actions to display depending on what stage of privacy-readiness your organization is currently at. Head over to the Admin Settings -> Privacy Center section of the Application and scroll to the "Privacy Actions" section to see these new configuration options.

17541754

Upgrade Atlas now!

On Thursday December 9th, 2021, a security vulnerability (CVE-2021-44228) was identified in the Apache log4j logging library widely used in Java web applications (https://www.lunasec.io/docs/blog/log4j-zero-day/). Since December 9th, two further security vulnerabilities (CVE-2021-45046 and CVE-2021-45105) were identified in the Apache Log4j logging library (https://logging.apache.org/log4j/2.x/security.html)

Ethyca's security investigation of the vulnerability's impact on the Ethyca Pro platform concluded that, although log4j is used, it is not used in a way which can be exploited.

Nevertheless, log4j was updated to a safe version in all Ethyca applications: Platform, Atlas, and DSR-S. As a further precautionary measure, we advise our customers who use Atlas and/or DSR-S to update to the latest, patched versions of these applications which were upgraded to log4j v2.17.0.

If you have any questions, concerns, or need further support in applying the requested changes, reply using this link to connect with our Support Desk.