<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=654132&amp;fmt=gif">

Colorado House Votes on SB190, Senate Reconciliation is Next

Updated 6/9/21 @ 11am: The Colorado Senate unanimously voted 34-0 on concurrence and final passage of SB190. It now heads to Gov. Polis, who will have 10 days to sign or explicitly veto it.CPA applies to businesses collecting data on more than 100,000 individuals, or those earning revenue from the data of more than 25,000 consumers. It includes standard data subject rights, an opt-out consent model with a universal opt-out mechanism, and a right to cure, all subject to normal AG rule-making and enforcement.

CPA is effective July 1, 2023 unless vetoed by the Gov. The biggest difference when compared to Virginia or CPRA is the broad requirement (with fewer exemptions) for data protection privacy assessments.

A more specific compliance issue Colorado presents, according to attorney David Zetoony, is the required data protection assessment. Such examinations are also required in the Virginia Consumer Data Protection Act, but Colorado does not exempt companies from these assessments like Virginia.

Original Post

The Colorado Privacy Act SB190 has passed the Colorado House of Representatives by a vote of 57-7. While the bill must return to the Senate for final reconciliation of amendments made by the House, it’s most likely. Unless the Governor vetos it, which is improbable, the amendments will be reconciled in the next few days.

All Posts

This New Agent Could Generate More Data Requests for Your Company

Privacy laws and regulations are put in place to protect consumers and their data, encouraging them to manage their information in a way that makes them feel secure. Some consumers may want their information deleted, not to be sold, or may allow businesses to retain their information entirely. Privacy legislation puts control back in the consumer’s hands.

But when a consumer decides they want to make a change, how do they do that? Truyo clients provide their users with simple to use consent and preference management tools, but some organizations don’t have these in place for their users and this is a challenge that a new technology is aiming to solve. When CCPA rolled out in 2020, it encouraged California residents to take into consideration who has their information and how it’s being used. In turn, this propelled said California consumers to seek out ways to make data requests, deletion requests, and do not sell requests.

Here’s where the issues arose. Many consumers were finding it cumbersome to locate where on a company’s website they could submit these requests. In addition, they started to realize they would have to do this for each and every business with which they have interacted or from which they have purchased. According to Digital Commerce 360, online shopping increased 44% in 2020. Consider how many businesses you’ve purchased from in the last year, likely increased from the previous year due to the pandemic and easy access to online shopping. Consumers are aware that with online shopping there is a larger transfer of information compared to an in-person cash transaction.

New Technology Available

A group of UC Berkeley students saw this as a roadblock for consumers and sought to design a solution, according to Consumer Reports. PrivacyBot was the result of their efforts, an open-source project that allows users with a Gmail account, Python 3, pip3 and node on their computer to send data requests in bulk to data brokers and search sites. Not all consumers will have the capability to put PrivacyBot into practice because it has a level of technicality that the average user may not have.

That being said, is this a glimpse into the future? How long is it before consumers have an easy-to-use bulk request system that will inundate businesses with data requests that they’re not equipped to handle? How soon will we see a program that can contact every business with which they’ve completed a transaction and request a change to their data en masse? The biggest mistake we see is companies waiting until the influx happens before instituting a solution. At that point it’s too late to play catch up. We will help you prepare now for the inevitable future as technology increases consumer request capability.

Prepare Your Organization for Incoming Data Requests

Truyo has automated the data request response process to help businesses prepare for when that time comes – and for some, it already has. We saved A national home goods chain $1.1mm in operating costs with CCPA automation. Will you be the next industry or company to be hit with a flood of data requests? It’s not a question of if, but a matter of when. And when you are, you want the Truyo platform in place with comprehensive data mapping and response features that are changing the way companies are managing consumer data privacy.

Ale Johnson
About Ale Johnson
Ale Johnson is the Marketing Content Specialist at Truyo.
Recent Posts

Colorado House Votes on SB190, Senate Reconciliation is Next

Updated 6/9/21 @ 11am: The Colorado Senate unanimously voted 34-0 on concurrence and final passage of SB190. It now heads to Gov. Polis, who will have...

4 Tips for Choosing the Right Privacy Tool

First, there was technology, then came the data collection. As that technology rapidly grew more intelligent and pervasive, so too did the data. As th...

The California Privacy Protection Agency Is Not Wasting Time

In a meeting agenda released today, the California Privacy Protection Agency made it clear that they are going to move quickly and start implementing ...

Update: Senate Vote on Colorado Privacy Act is In

The Colorado State Senate has unanimously passed the Colorado Privacy Act which will now move to the State Assembly for voting. The current session co...