Governments and citizens across the world are increasingly aware of the importance of data privacy. With the rise in awareness, authorities in many countries have drafted regulations and laws to protect their citizens on the internet. Other countries have laws in late stages of development.
The issue of privacy has found rare bipartisan support in the United States Senate. Ethyca CEO Cillian Kieran recently sat down for a conversation on the state of the US federal privacy conversation with Amie Stepanovich.
The CCPA is the state of California’s data privacy law. It marks a milestone in US privacy regulation in the same way that GDPR did for Europe. In short, it’s a game-changer.
Since CCPA came into effect the California Attorney General, Xavier Becerra, has issued additional guidance to help explain and clarify certain parts of the law.
Privacy By Design is a key concept in the study of modern data privacy. It’s incorporated into the text of the GDPR as a core principle, and its influence is considerable across a number of data privacy laws worldwide.
Individual data rights are at the core of all the major pieces of data privacy legislation. They are a bundle of rights aimed at letting individuals exert control over the way that their data is collected, stored, and processed by other parties. Each data right below is substantive enough to consider independently, but seeing the list together provides a useful overview.
The state of California has come up with a unique solution to deal with data privacy concerns of its citizens by including a “Do Not Sell My Personal Information” provision in the CCPA. This lets consumers deny or withdraw consent to businesses who might otherwise use their data for profit or research purposes
“Consent” is a fundamental part of processing user data. It has a special place at the heart of digital privacy theory. Given the importance of consent, it shouldn’t be surprising that there’s plenty of legal wrangling over how it’s defined.
Data Minimization is a privacy concept that’s written into GDPR and is a best-practice for privacy-conscious businesses worldwide. It holds that businesses should collect and process only the bare minimum amount of data needed to accomplish a goal.
“Data Privacy” and “Data Security” are two terms that can sometimes be used interchangeably, especially by those who aren’t in the field of data protection. However, in this particular sector, they mean two very different things. Understanding the relationship between them is essential for grasping the complexity of regulatory compliance.
