Data Privacy – What To Expect
In today’s economy, data is increasingly considered the world’s most valuable business asset. Whether your business is collecting website data to better understand your audience, or your business purchases a list of leads to target, you’re using data to benefit your bottom line. Depending on the data you collect, there is a possibility that some European legislation with the unwieldy acronym of GDPR is critical to your business.
GDPR stands for the General Data Protection Regulations, which originated on May 25, 2019. Even if your company has no offices or personnel in Europe, it applies to you if you have customers in Europe, or use data harvested from Europeans. The regulatory scheme is extremely complex, and imposes some hefty fines for large-scale violators. It includes everything from prompt reporting of data breaches to opt-in forms to notifying people that you’re collecting cookies, even when people have no idea what a cookie1 is or why it matters. Given its complexity, there is not enough room in this post, or several, to set out what compliance requires for your particular business. Instead, this post should serve as an informative warning to encourage your business to get out in front of the issue.
GDPR is Europe’s attempt to handle and protect one of the most universally acknowledged, fundamental human rights—the right to privacy. As privacy expert Craig Vachon has pointed out, “privacy has been defined as the ability of an individual or a group to seclude, and then reveal, their most important information.” And as the GDPR demonstrates, Europe seems to be way ahead of the U.S. in taking this issue seriously and developing policy to manage it.
In contrast to our European friends, the U.S. does not have one consistent data privacy regulatory scheme. What the U.S. has in operation now is a patchwork of regulations from different agencies, different jurisdictions, different eras, and different aspects of operations. Trying to figure out what applies, how it is going to be enforced and so on is a challenge. It appears that U.S. will soon follow Europe’s lead.
On September 10, 2019, a group of 51 businesspeople, including some very heavy technology hitters from companies like Amazon and AT&T, released an open letter to Mitch McConnell, Nancy Pelosi, and other senior legislators urging them to “pass, as soon as possible, a comprehensive consumer data privacy law that strengthens protections for consumers and establishes a national privacy framework to enable continued innovation and growth in the digital economy.”
As we await to see what the U.S. government does with respect to data privacy, please feel free to contact Rosen Hagood with any questions regarding data privacy or compliance with the current regulatory scheme.
1A cookie is a small amount of data generated by a website and stored in your browser that identifies you, as you, every time you visit a website.