In the age of information, organizations have increased the amount of consumer data housed in structured and unstructured environments. As consumers become increasingly aware of this and what their rights are under current and future legislation, the number of data subject access requests is increasing. According to Automated Intellegence, “A body which represents UK data protection officers has reported that there’s been a 66% increase in the average number of DSARs received” (Automated Intelligence, 2021)”

Last month Amazon was hit with the highest personal data fine to date. A whopping $886.6 million (746 million euros) fine was levied against the corporation by the European Union fine for processing personal data in violation of the bloc's GDPR rules. This action foreshadows a privacy climate in which enforcement will be the norm, trending away from the spotty enforcement of the past.

Privacy laws and regulations are put in place to protect consumers and their data, encouraging them to manage their information in a way that makes them feel secure. Some consumers may want their information deleted, not to be sold, or may allow businesses to retain their information entirely. Privacy legislation puts control back in the consumer’s hands.

Privacy laws and regulations have transformed the relationship between businesses and the personal data they collect from consumers. The CCPA grants privacy rights to California’s consumers, which gives them the right to request access, delete, and modify their data. Granting these rights to individuals can place a significant burden on businesses because they must know exactly what data they hold, where, and in what context, which can be an extremely complex process to unfold.

Data privacy is constantly in the news these days, and for good reason. 

107 countries have data protection rules in place to secure data privacy.

Original broadcast date: March 21, 2019 via IAPP Webconference