Privacy and security are closely linked, with privacy programs needed to protect consumer information. Guidelines like the Generally Accepted Privacy Principles and OECD's privacy guidelines help guide these programs. The Madrid Resolution and the EU's General Data Protection Regulation provide further guidance on information privacy. Information governance focuses on protecting personally identifiable information, with privacy laws enacted for this purpose. Information rights management uses encryption technology to embed protection into data, allowing files to protect themselves.