{"id":18676,"date":"2021-06-24T06:00:29","date_gmt":"2021-06-24T13:00:29","guid":{"rendered":"https:\/\/www.trulioo.com\/?p=18676"},"modified":"2023-08-01T16:23:25","modified_gmt":"2023-08-01T16:23:25","slug":"dsar-management","status":"publish","type":"post","link":"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management","title":{"rendered":"DSAR management \u2014 strategies to help deliver the promise of privacy"},"content":{"rendered":"\n<p><span style=\"font-weight: 400;\">In 2020, just 10% of the global population\u2019s personal data was protected by some form of data protection law or regulation.<\/span> <a href=\"https:\/\/www.gartner.com\/en\/newsroom\/press-releases\/2020-09-14-gartner-says-by-2023--65--of-the-world-s-population-w#:~:text=September%2014%2D17-,By%202023%2C%2065%25%20of%20the%20world's%20population%20will%20have%20its,%2C%20according%20to%20Gartner%2C%20Inc.&amp;text=%E2%80%9CLawmakers%20are%20introducing%20new%20privacy,seek%20parity%20with%20the%20GDPR.\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Gartner<\/span><\/a><span style=\"font-weight: 400;\"> predicts that by 2023, that figure will be closer to 65%.<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\">With that huge increase in data protection law coverage comes an associated increase in rights for individuals over the information concerning them that companies hold. This in turn requires that companies be able to demonstrate that that information is in good hands.&nbsp;<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\">The European General Data Protection Regulation (GDPR) is arguably the best-known example, granting data subject rights (DSRs) to individuals resident in the European Economic Area to know if a company holds information about them, access that information (in GDPR terminology, the \u201cdata subject access request,\u201d or DSAR), correct it, move it elsewhere, or have it deleted, among other rights.<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\">However, a number of other major privacy laws also grant individuals rights over their personal data, including the Australian Privacy Act, the Californian CCPA, Canada\u2019s PIPEDA, and Brazil\u2019s LGPD. The most common right is the right of access, but many data protection laws also provide for the right to update or correct information.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-key-considerations-with-dsrs\"><b>Key considerations with DSRs<\/b><\/h2>\n\n\n\n<p><span style=\"font-weight: 400;\">Many small and medium businesses are concerned about DSRs, and the potential challenges of managing them.<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\">There are three main expectations with any DSR:<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\"><strong>1<\/strong>. That a company will respond\/take action<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\"><strong>2<\/strong>. That the response will include the mandated information\/action<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\"><strong>3<\/strong>. That the response\/action will happen in a set amount of time<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\">A basic element for any business dealing with DSRs is the ability to track them. The aim is to be able to track date of receipt and date of response, in a format that allows the company to prove that:<\/span><\/p>\n\n\n\n<ul>\n<li><span style=\"font-weight: 400;\">The response was provided<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">The response adheres to requirements and deadlines in the event of an audit, or, worst case, a data protection authority complaint<\/span><\/li>\n<\/ul>\n\n\n\n<p><span style=\"font-weight: 400;\">Some key things to look into as soon as a DSR comes in:<\/span><\/p>\n\n\n\n<ul>\n<li><span style=\"font-weight: 400;\">What law applies (see, for example, where the data subject is located or their nationality)<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">Whether an acknowledgement of receipt is required<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">What the timeline for response\/action on the request is<\/span><\/li>\n<\/ul>\n\n\n\n<p><span style=\"font-weight: 400;\">Having these things established allows teams to set the priorities for next steps, and understand what those next steps should be.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-exceptions-to-dsrs\"><b>Exceptions to DSRs<\/b><\/h2>\n\n\n\n<p><span style=\"font-weight: 400;\">In some cases, a company will fall into an exception situation, or be otherwise unable to action the request. In most cases, this should still trigger a response to the individual making the request, outlining that the company can\u2019t respond, why, and (where applicable) what further rights the individual has, such as contacting their local data protection authority.<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\">A common <\/span><a href=\"https:\/\/dataprivacymanager.net\/gdpr-exemptions-from-the-obligation-to-provide-information-to-the-individual-data-subject\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">exception case under GDPR<\/span><\/a><span style=\"font-weight: 400;\"> is disproportionate effort. However, as companies can\u2019t abuse exceptions to avoid responding, and as the definition of \u201cdisproportionate effort\u201d isn\u2019t clearly defined, any company applying this exception needs to be able to prove unequivocally that the effort, or cost, to comply with the obligation is disproportionate.<\/span><\/p>\n\n\n\n<p><a href=\"https:\/\/www.priv.gc.ca\/en\/privacy-topics\/accessing-personal-information\/obligations-for-organizations\/02_05_d_54_ati_02\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">PIPEDA carves out legal reasons<\/span><\/a><span style=\"font-weight: 400;\">, such as solicitor-client privilege and active investigations as exceptions, as well as instances where providing personal data to an individual would reveal the data of another individual (and that third party\u2019s information can\u2019t be removed from the file).<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\">The <\/span><a href=\"https:\/\/www.clarip.com\/data-privacy\/ccpa-erasure-exemptions\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Californian CCPA permits an exception<\/span><\/a><span style=\"font-weight: 400;\"> to complying with deletion requests where that information is still required to provide the services (for example, where the consumer submits a deletion request before the end of a warranty period).<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\">As these exception cases show, exceptions will vary based on the applicable laws and jurisdictions, underscoring the importance of defining which law applies early in the process.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-verifying-identity-and-dsrs\"><b>Verifying identity and DSRs<\/b><\/h2>\n\n\n\n<p><span style=\"font-weight: 400;\">Where a company is obliged to action a DSR, before actually sharing or altering information, it\u2019s vital to ensure that <\/span><a href=\"https:\/\/www.techradar.com\/news\/gdpr-subject-access-requests-authentication-cannot-be-an-afterthought\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">the person making the request has the right to make requests<\/span><\/a><span style=\"font-weight: 400;\"> about that information (or is their legal representative).<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\">Various laws have different expectations regarding the scrutiny required in verifying an individual\u2019s identity in this context. For example:<\/span><\/p>\n\n\n\n<ul>\n<li><span style=\"font-weight: 400;\">The<\/span> <a href=\"https:\/\/eur-lex.europa.eu\/eli\/reg\/2016\/679\/oj\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">GDPR<\/span><\/a><span style=\"font-weight: 400;\"> requires that all \u201creasonable measures\u201d to verify the identity of a data subject are taken, including requesting additional information if reasonable doubt exists<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">The<\/span> <a href=\"https:\/\/oag.ca.gov\/sites\/all\/files\/agweb\/pdfs\/privacy\/oal-sub-final-text-of-regs.pdf?\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">regulations to the CCPA<\/span><\/a><span style=\"font-weight: 400;\">, on the other hand, provide very specific guidance on how many data points must be matched for different types of data requests, to a \u201creasonable degree of certainty\u201d or a \u201creasonably high degree of certainty.\u201d<\/span><\/li>\n<\/ul>\n\n\n\n<p><span style=\"font-weight: 400;\">Under a number of laws (GDPR included), companies can\u2019t require individuals submitting a DSR to create an account with them and sign-in in order to have their DSR attended to. Because of this, it\u2019s important for teams dealing with DSRs to ensure they\u2019re <\/span><a href=\"\/blog\/trust-and-safety\/gdpr-sars\"><span style=\"font-weight: 400;\">aware of the requirements<\/span><\/a><span style=\"font-weight: 400;\"> of law and regulation before opening this conversation with an individual. Companies should also avoid demanding a large amount of sensitive information in order to verify an identity \u2013 stick to the minimum amount needed for the purpose.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-responding-to-a-dsr\"><b>Responding to a DSR<\/b><\/h2>\n\n\n\n<p><span style=\"font-weight: 400;\">The response to a DSR will vary depending on the original request, but some basic requirements will apply:<\/span><\/p>\n\n\n\n<ul>\n<li><span style=\"font-weight: 400;\">Ensure the identity has been verified<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">Where an exception is relevant, ensure that it\u2019s explained to the individual<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">Work with internal teams to obtain\/alter\/delete records<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">Ensure that the information is provided in an easily readable format (or other accessible format)<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">Ensure that the information is complete<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">Ensure that the deadline is met, or, where it can\u2019t be, that the individual is notified before the expiration of the original deadline<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400;\">As most responses will involve transferring <\/span><a href=\"\/blog\/compliance\/pii-data\"><span style=\"font-weight: 400;\">PII<\/span><\/a><span style=\"font-weight: 400;\">, ensure that the information is sent securely<\/span><\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-the-trusted-paradigm\"><b>The \u201ctrusted\u201d paradigm<\/b><\/h2>\n\n\n\n<p><span style=\"font-weight: 400;\">Globally, there are varying approaches to individual rights. In some instances, the system for making a request is hard to access, or requires access to an account that the individual may never have created in the first place, or has since closed and can no longer access. Some companies extend into a vertical (for example, credit reporting) that allows long-term personal data retention.<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\">Sometimes, resistance to these requests occurs because of the perception that they\u2019re complex, time-consuming and will absorb working hours. Nevertheless, avoidance and resistance can come with impacts to companies: most data protection laws include the right to administer penalties, which can run to up to 4% of a company\u2019s global turnover, or \u20ac20 million. Some <\/span><a href=\"https:\/\/www.mondaq.com\/canada\/privacy-protection\/1014324\/digital-charter-implementation-act-2020-bill-c-11-overview-of-changes-to-the-applicable-regime\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">draft laws are looking at even higher penalties<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400;\">However, the payoff for having a process in place to support individuals\u2019 asks is that nebulous quantity: consumer trust. Transparency and responsiveness are key when an organization deals with a consumer, and with the increasing number of data protection laws worldwide, putting a process in place to handle these asks simply and efficiently may save time, avoid penalties, and enhance your business reputation.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"In 2020, just 10% of the global population\u2019s personal data was protected by some form&#8230;","protected":false},"author":7,"featured_media":18677,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"om_disable_all_campaigns":false,"footnotes":""},"categories":[337],"post-types":[148,205],"post-topics":[143],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.1 (Yoast SEO v22.1) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>DSAR management \u2014 strategies to help deliver the promise of privacy<\/title>\n<meta name=\"description\" content=\"How companies manage data subject access requests \u2014 DSAR management \u2014 is becoming increasingly crucial as privacy laws expand.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"DSAR management \u2014 strategies to help deliver the promise of privacy\" \/>\n<meta property=\"og:description\" content=\"How companies manage data subject access requests \u2014 DSAR management \u2014 is becoming increasingly crucial as privacy laws expand.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management\" \/>\n<meta property=\"og:site_name\" content=\"Trulioo\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/trulioo\" \/>\n<meta property=\"article:published_time\" content=\"2021-06-24T13:00:29+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-08-01T16:23:25+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.trulioo.com\/wp-content\/uploads\/2021\/06\/DSAR-management.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"900\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Bond Lai\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@trulioo\" \/>\n<meta name=\"twitter:site\" content=\"@trulioo\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Bond Lai\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management\"},\"author\":{\"name\":\"Bond Lai\",\"@id\":\"https:\/\/www.trulioo.com\/#\/schema\/person\/c019180cc6a5cff73b8cce8518bd97b8\"},\"headline\":\"DSAR management \u2014 strategies to help deliver the promise of privacy\",\"datePublished\":\"2021-06-24T13:00:29+00:00\",\"dateModified\":\"2023-08-01T16:23:25+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management\"},\"wordCount\":1126,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.trulioo.com\/#organization\"},\"articleSection\":[\"Trust and Safety\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management\",\"url\":\"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management\",\"name\":\"DSAR management \u2014 strategies to help deliver the promise of privacy\",\"isPartOf\":{\"@id\":\"https:\/\/www.trulioo.com\/#website\"},\"datePublished\":\"2021-06-24T13:00:29+00:00\",\"dateModified\":\"2023-08-01T16:23:25+00:00\",\"description\":\"How companies manage data subject access requests \u2014 DSAR management \u2014 is becoming increasingly crucial as privacy laws expand.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.trulioo.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Trust and Safety\",\"item\":\"https:\/\/www.trulioo.com\/post-topics\/trust-and-safety\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"DSAR management \u2014 strategies to help deliver the promise of privacy\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.trulioo.com\/#website\",\"url\":\"https:\/\/www.trulioo.com\/\",\"name\":\"Trulioo\",\"description\":\"Building trust online (online identity verification services)\",\"publisher\":{\"@id\":\"https:\/\/www.trulioo.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.trulioo.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.trulioo.com\/#organization\",\"name\":\"Trulioo\",\"url\":\"https:\/\/www.trulioo.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.trulioo.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.trulioo.com\/wp-content\/uploads\/2023\/01\/Trulioo-Wordmark-Dark-Green.png\",\"contentUrl\":\"https:\/\/www.trulioo.com\/wp-content\/uploads\/2023\/01\/Trulioo-Wordmark-Dark-Green.png\",\"width\":2784,\"height\":1464,\"caption\":\"Trulioo\"},\"image\":{\"@id\":\"https:\/\/www.trulioo.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/trulioo\",\"https:\/\/twitter.com\/trulioo\",\"https:\/\/www.linkedin.com\/company\/trulioo\",\"https:\/\/www.instagram.com\/trulioo_global\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.trulioo.com\/#\/schema\/person\/c019180cc6a5cff73b8cce8518bd97b8\",\"name\":\"Bond Lai\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.trulioo.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8f17fb4de5ef8ab9d1c56147ad8d3b08?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8f17fb4de5ef8ab9d1c56147ad8d3b08?s=96&d=mm&r=g\",\"caption\":\"Bond Lai\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"DSAR management \u2014 strategies to help deliver the promise of privacy","description":"How companies manage data subject access requests \u2014 DSAR management \u2014 is becoming increasingly crucial as privacy laws expand.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management","og_locale":"en_US","og_type":"article","og_title":"DSAR management \u2014 strategies to help deliver the promise of privacy","og_description":"How companies manage data subject access requests \u2014 DSAR management \u2014 is becoming increasingly crucial as privacy laws expand.","og_url":"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management","og_site_name":"Trulioo","article_publisher":"https:\/\/www.facebook.com\/trulioo","article_published_time":"2021-06-24T13:00:29+00:00","article_modified_time":"2023-08-01T16:23:25+00:00","og_image":[{"width":900,"height":600,"url":"https:\/\/www.trulioo.com\/wp-content\/uploads\/2021\/06\/DSAR-management.jpg","type":"image\/jpeg"}],"author":"Bond Lai","twitter_card":"summary_large_image","twitter_creator":"@trulioo","twitter_site":"@trulioo","twitter_misc":{"Written by":"Bond Lai","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management#article","isPartOf":{"@id":"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management"},"author":{"name":"Bond Lai","@id":"https:\/\/www.trulioo.com\/#\/schema\/person\/c019180cc6a5cff73b8cce8518bd97b8"},"headline":"DSAR management \u2014 strategies to help deliver the promise of privacy","datePublished":"2021-06-24T13:00:29+00:00","dateModified":"2023-08-01T16:23:25+00:00","mainEntityOfPage":{"@id":"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management"},"wordCount":1126,"commentCount":0,"publisher":{"@id":"https:\/\/www.trulioo.com\/#organization"},"articleSection":["Trust and Safety"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management","url":"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management","name":"DSAR management \u2014 strategies to help deliver the promise of privacy","isPartOf":{"@id":"https:\/\/www.trulioo.com\/#website"},"datePublished":"2021-06-24T13:00:29+00:00","dateModified":"2023-08-01T16:23:25+00:00","description":"How companies manage data subject access requests \u2014 DSAR management \u2014 is becoming increasingly crucial as privacy laws expand.","breadcrumb":{"@id":"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.trulioo.com\/blog\/trust-and-safety\/dsar-management#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.trulioo.com\/"},{"@type":"ListItem","position":2,"name":"Trust and Safety","item":"https:\/\/www.trulioo.com\/post-topics\/trust-and-safety"},{"@type":"ListItem","position":3,"name":"DSAR management \u2014 strategies to help deliver the promise of privacy"}]},{"@type":"WebSite","@id":"https:\/\/www.trulioo.com\/#website","url":"https:\/\/www.trulioo.com\/","name":"Trulioo","description":"Building trust online (online identity verification services)","publisher":{"@id":"https:\/\/www.trulioo.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.trulioo.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.trulioo.com\/#organization","name":"Trulioo","url":"https:\/\/www.trulioo.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.trulioo.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.trulioo.com\/wp-content\/uploads\/2023\/01\/Trulioo-Wordmark-Dark-Green.png","contentUrl":"https:\/\/www.trulioo.com\/wp-content\/uploads\/2023\/01\/Trulioo-Wordmark-Dark-Green.png","width":2784,"height":1464,"caption":"Trulioo"},"image":{"@id":"https:\/\/www.trulioo.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/trulioo","https:\/\/twitter.com\/trulioo","https:\/\/www.linkedin.com\/company\/trulioo","https:\/\/www.instagram.com\/trulioo_global\/"]},{"@type":"Person","@id":"https:\/\/www.trulioo.com\/#\/schema\/person\/c019180cc6a5cff73b8cce8518bd97b8","name":"Bond Lai","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.trulioo.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8f17fb4de5ef8ab9d1c56147ad8d3b08?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8f17fb4de5ef8ab9d1c56147ad8d3b08?s=96&d=mm&r=g","caption":"Bond Lai"}}]}},"_links":{"self":[{"href":"https:\/\/www.trulioo.com\/wp-json\/wp\/v2\/posts\/18676"}],"collection":[{"href":"https:\/\/www.trulioo.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.trulioo.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.trulioo.com\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/www.trulioo.com\/wp-json\/wp\/v2\/comments?post=18676"}],"version-history":[{"count":1,"href":"https:\/\/www.trulioo.com\/wp-json\/wp\/v2\/posts\/18676\/revisions"}],"predecessor-version":[{"id":36364,"href":"https:\/\/www.trulioo.com\/wp-json\/wp\/v2\/posts\/18676\/revisions\/36364"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.trulioo.com\/wp-json\/wp\/v2\/media\/18677"}],"wp:attachment":[{"href":"https:\/\/www.trulioo.com\/wp-json\/wp\/v2\/media?parent=18676"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.trulioo.com\/wp-json\/wp\/v2\/categories?post=18676"},{"taxonomy":"post-types","embeddable":true,"href":"https:\/\/www.trulioo.com\/wp-json\/wp\/v2\/post-types?post=18676"},{"taxonomy":"post-topics","embeddable":true,"href":"https:\/\/www.trulioo.com\/wp-json\/wp\/v2\/post-topics?post=18676"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}