Privacy regulations are expanding beyond the European Union’s General Data Protection Regulation (GDPR), to include California’s Consumer Privacy Act (CCPA) and regulations in other states and countries as well. The landscape is changing fast, and it can seem like the only certainty is uncertainty, but nearly a year after the GDPR went into effect, there are insights and best practices that can be applied to the CCPA and beyond.
Original broadcast date: March 21, 2019 via IAPP Webconference
Updated April 16, 2019 to add Arizona, Connecticut, Nevada, and Texas.
We have entered a new privacy paradigm, where the only certainty is uncertainty. That is in part because of the wide range of regulations passed and pending around the world – and even within the United States. Here, we bring some order to the chaos by analyzing passed and pending privacy regulations across the U.S. and ranking each state based on the relative strength of its privacy regulatory environment.
Take a walk along the path of a subject access request (SAR), from the point of collection to privacy rights management as a competitive advantage.
Walk through this decision tree to uncover how many SARs you might expect to get, how complex your data environment is, and – ultimately – whether it likely is more cost-effective to automate SAR management.
It’s one thing to plan for the GDPR or CCPA and other privacy regulations. It’s another thing to actually live it.
There is tremendous uncertainty in the privacy rights regulatory environment today. The most prominent regulations – GDPR and CCPA – have significant differences. They’re going to continue to change. And new regulations will continue to emerge. Yet with GDPR in full effect, the “wait and see” approach is not an option. What is: a privacy rights management solution that’s future proof against the uncertainty.
In the face of continued consumer distrust over data privacy and a regulatory environment that remains uncertain, forward-thinking companies are building best practices for data stewardship – and creating a competitive advantage in the process.
On May 25th, Apple released a privacy portal to support their obligations under the GDPR. Just a few weeks ago, they released that portal to US users, ostensibly because it was just the right thing to do. Apple makes a point that it does not drive its business with user data, and this move is a direct response to that claim.
The General Data Protection Regulation (GDPR) is one of the most robust individual privacy rights frameworks enacted to date. The regulation contains 99 articles, but it is a handful of those that have upended the traditional privacy paradigm.
