© 2021 TrustArc Inc. Proprietary and Confidential Information.
U.S. Quarterly Privacy Update
21 July 2021
Thank You for Joining “U.S. Quarterly Privacy Update”
● We will be starting a couple minutes after the hour
● This webinar will be recorded and the recording and slides sent out later today
● Please use the GoToWebinar control panel on the right hand side to submit any questions for the speakers
Speakers
K Royal
Associate General Counsel
& Data Protection Officer
TrustArc
Jadene Young
Manager, Privacy Research
TrustArc
Agenda
● U.S. state and federal legislative updates
● Predictions for managing regulatory priorities
● What to watch for the remainder of 2021
US State Updates
Poll Question
How many do you think will pass in 2021 - in total?
● Only the two which have passed
● 3-5
● 5-7
● More than 7 (which is only 5 more)
US State Laws
Poll Question
Will Washington pass an omnibus consumer privacy law?
● Yes, 2022 is the year for Washington
● Yes, eventually, not in the next year
● Never
Colorado Consumer Privacy Act
Already announced changes to be made in the signing statement
Privacy Notice
Consumer rights - standard 45 day response time, but right to appeal
Opt out of sales (Sale = money or other valuable consideration)
Opt out of targeted advertising (with exceptions) and profiling
Processor obligations
Minors under age 13 (aligns with COPPA)
Does not apply to B2B or employment context
Includes sensitive data
No private right of action
No consumer privacy oversight agency
Enforcement by Attorney General, with an optional 60 day cure period until January 1, 2025
Interesting - universal opt out mechanism to be determined
Signed by Governor July 7, 2021
Ohio Personal Privacy Act - HB 376
Privacy Notice
Consumer rights
Opt out of sales (Sale = money or other valuable consideration)
Processor obligations
Minors under age 13 (aligns with COPPA)
Does not apply to B2B or employment context
No definition of sensitive data
No private right of action
No consumer privacy oversight agency
Enforcement by Attorney General after 30 day cure period
Can seek civil penalties
Interesting - safe harbor for NIST security program
July 12, 2021
US State Laws Currently Alive & Well
Massachusetts S46 Massachusetts Information Privacy Act (MIPA)
● Full year session - Jan 6 - Dec 31, 2021
● Referred to Committee
New Jersey AB 3283 Disclosure and Accountability Transparency Act (NJ DaTA)
● Session January 14, 2020 - January 1, 2021 (introduced 2/25/2020)
● Referred to Assembly Science, Innovation and Technology Committee
New York A 680 / S 6701 New York Privacy Act (NYPA) & A 6042 Digital Fairness Act
● 2 year sessions 2021 - 2022
North Carolina SB 569 Consumer Privacy Act (NCCPA)
● 2 year sessions 2021 - 2022
● First reading, referred to committee on rules and operations of the senate
Ohio HB 376 Personal Privacy Act (OPPA)
● New July 12, 2021
Pennsylvania HB 1126 Consumer Data Privacy Act (PCPA)
● Full year session - January 5 - Dec 31, 2021
● Referred to committee on consumer affairs
Commonalities & Differences
Sensitive Personal Data
CPA | Virginia CDPA | CPRA | GDPR
Racial or ethnic origin X X X X
Religious beliefs X X X X
Philosophical beliefs X X
Political opinions X
Union membership X X
Mental or physical health X X (diagnosis) X X
Sex life or sexual orientation X X X (+sex life) X (+sex life)
Citizenship or immigration status X X
Genetic data X
Genetic / biometric data to identify a person X X X
Personal data from a known child X X Art. 8 for child
Precise geolocation X
State by State Comparison
Updated July 19, 2021
Recipe for Success
Trends
Include | Debatable / Discussable | Exclude / Don’t Include
● Privacy notice (consumable)
● Individual rights
● Access | Know (confirm) | Delete
● 45 day response time
● Right to appeal
● Define sensitive data
● Minors < 13
● Vendor contract requirements
● DPIAs / PIAs
● 30 days cure period
● Security requirements
● Individual right to portability
● Controller / processor concepts
● Security audits
● Allow cure period for certain time
● Universal opt-out mechanism
● Security program safe harbor
● Consumer privacy agency
● Private right of action
● Lookback period
● Business-to-Business - explicit exemption
● Employment context - explicit exemption
● Reporting metrics
Poll Question
Should states have a private right of action or a state regulatory agency for privacy?
● Yes to a private right of action
● Yes to a privacy agency
● Both of the Above
● Neither of the Above
The Federal Scenario
Federal Focus
● EU - US trade
○ Privacy Shield replacement
● HIPAA / Healthcare
○ Information blocking
○ Strong enforcement on individual rights to access (“Right to Access Initiative”)
○ Closed on the public comment period for strengthening HIPAA
● TCPA Amendments Seek Prison Time for Violations
● COPPA: Major Changes to Children's Online Privacy Rules proposed
● Court decision: FCRA: US Supreme Court Finds No Concrete Harm, No Standing
What is happening on the federal level
Federal Regulation
● Several promising bills have been introduced in the past, with most disagreement centering on private rights of action and federal preemption
● Once again, current proposed legislation seems promising
○ Information Transparency and Personal Data Control Act - Rep DelBene
■ HR 1816
○ Most bills target specific areas of privacy - contact tracing, research, etc.
● How many state laws will it take to encourage Congress to pass legislation?
○ Are the differences among the states operationally impactful?
○ Keep in mind, every state has a data breach notification law
● Would other federal laws simply be expanded and strengthened?
● Consider global implications and impact
What’s next?
Poll Question
What do you think the time frame is for getting a US federal privacy law in place?
● This year
● Within the next 4 years
● Not anytime in predictable future
● There shouldn't be one
From Washington Post, July 19 - referring to July 14
● The quest for federal rules to govern companies that deal in citizens’ personal information has delivered nothing but disappointments. Nonetheless, a commitment last week by key legislators to get comprehensive regulations on the books by the end of 2022, even if doing so requires some compromise, is promising. Reps. Jan Schakowsky (D-Ill.) and Gus M. Bilirakis (R-Fla.) and Sen. Richard Blumenthal (D-Conn.), all chairs or ranking members of relevant subcommittees in their chambers, agreed in a public event on Wednesday that it’s past time to overcome the pesky points of impasse that have doomed past proposals. Key industry and consumer groups made the same pledge.
● More contentious all along have been the topics of preemption and a private right of action. Mr. Blumenthal on Wednesday signaled a possible breakthrough on the first: A strong federal standard, he said, would be preferable to a patchwork of state standards — but a patchwork of state standards would be preferable to a weak federal standard. The best solution is probably a form of preemption that overrides only state laws inconsistent with the federal rules, and allows others to stand. The problem of the private right of action is trickier to resolve but resolvable nonetheless. A Brookings report last year mentioned a possible route that involves limiting liability to especially egregious violations, as well as setting a higher bar for violations.
● Congress’s aim to do by the end of 2022 what it should have done as long ago as 2012 may be described as unambitious; more generously, it could be described as realistic. Another failure to deliver, however, would surely be embarrassing.
https://www.washingtonpost.com/opinions/congress-has-another-chance-at-privacy-legislation-it-cant-afford-to-fail-again/2021/05/08/9409fa28-af5c-11eb-ab4c-986555a1c511_story.html
Statements on point?
Q&A
Thank You!
See http://www.trustarc.com/insightseries for the 2021 Privacy Insight Series and past webinar recordings.
If you would like to learn more about how TrustArc can support you with compliance, please reach out to sales@trustarc.com for a free demo.

More Related Content

What's hot

ALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
ALERT: Health Care Cybersecurity Reform and Regulations on the HorizonALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
ALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
Patton Boggs LLP
 

What's hot (20)

China's PIPL: How to Comply in Under 60 Days
China's PIPL: How to Comply in Under 60 DaysChina's PIPL: How to Comply in Under 60 Days
China's PIPL: How to Comply in Under 60 Days
 
Cookie Consent Regulatory Updates: How to Maintain Compliance
Cookie Consent Regulatory Updates: How to Maintain ComplianceCookie Consent Regulatory Updates: How to Maintain Compliance
Cookie Consent Regulatory Updates: How to Maintain Compliance
 
The Court Speaks: Privacy Shield, Standard Contractual Clauses and Cookie Con...
The Court Speaks: Privacy Shield, Standard Contractual Clauses and Cookie Con...The Court Speaks: Privacy Shield, Standard Contractual Clauses and Cookie Con...
The Court Speaks: Privacy Shield, Standard Contractual Clauses and Cookie Con...
 
EU Update: Applying the new SCCs, or ‘just’ the complete GDPR?
EU Update: Applying the new SCCs, or ‘just’ the complete GDPR?EU Update: Applying the new SCCs, or ‘just’ the complete GDPR?
EU Update: Applying the new SCCs, or ‘just’ the complete GDPR?
 
California Consumer Privacy Act (CCPA): Countdown to Compliance
California Consumer Privacy Act (CCPA): Countdown to ComplianceCalifornia Consumer Privacy Act (CCPA): Countdown to Compliance
California Consumer Privacy Act (CCPA): Countdown to Compliance
 
California Consumer Privacy Act: What your brand needs to know
California Consumer Privacy Act: What your brand needs to knowCalifornia Consumer Privacy Act: What your brand needs to know
California Consumer Privacy Act: What your brand needs to know
 
CCPA Compliance from Ground Zero: Start to Finish with TrustArc Solutions
CCPA Compliance from Ground Zero: Start to Finish with TrustArc SolutionsCCPA Compliance from Ground Zero: Start to Finish with TrustArc Solutions
CCPA Compliance from Ground Zero: Start to Finish with TrustArc Solutions
 
Becoming PIPL Compliant In No Time
Becoming PIPL Compliant In No TimeBecoming PIPL Compliant In No Time
Becoming PIPL Compliant In No Time
 
California Consumer Privacy Act - What You Need To Know
California Consumer Privacy Act - What You Need To KnowCalifornia Consumer Privacy Act - What You Need To Know
California Consumer Privacy Act - What You Need To Know
 
Cybersecurity and Data Privacy Whistleblower Protections
Cybersecurity and Data Privacy Whistleblower ProtectionsCybersecurity and Data Privacy Whistleblower Protections
Cybersecurity and Data Privacy Whistleblower Protections
 
Cloud primer
Cloud primerCloud primer
Cloud primer
 
Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1
 
Data privacy presentation
Data privacy presentationData privacy presentation
Data privacy presentation
 
Cybersecurity & data privacy whistleblower incentives and protections
Cybersecurity & data privacy whistleblower incentives and protectionsCybersecurity & data privacy whistleblower incentives and protections
Cybersecurity & data privacy whistleblower incentives and protections
 
Introduction to EU General Data Protection Regulation: Planning, Implementati...
Introduction to EU General Data Protection Regulation: Planning, Implementati...Introduction to EU General Data Protection Regulation: Planning, Implementati...
Introduction to EU General Data Protection Regulation: Planning, Implementati...
 
ALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
ALERT: Health Care Cybersecurity Reform and Regulations on the HorizonALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
ALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
 
GDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsGDPR and evolving international privacy regulations
GDPR and evolving international privacy regulations
 
Getting to Accountability Karbaliotis and Patrikios-Oct 22 2015
Getting to Accountability Karbaliotis and Patrikios-Oct 22 2015Getting to Accountability Karbaliotis and Patrikios-Oct 22 2015
Getting to Accountability Karbaliotis and Patrikios-Oct 22 2015
 
2020 Global Privacy Survey: Emerging Trends, Benchmarking Research and Best P...
2020 Global Privacy Survey: Emerging Trends, Benchmarking Research and Best P...2020 Global Privacy Survey: Emerging Trends, Benchmarking Research and Best P...
2020 Global Privacy Survey: Emerging Trends, Benchmarking Research and Best P...
 

Similar to U.S. Quarterly Privacy Update

CSR PII White Paper
CSR PII White PaperCSR PII White Paper
CSR PII White Paper
Dmcenter
 
I’m attaching some info on the agency I work for. I work remot.docx
I’m attaching some info on the agency I work for. I work remot.docxI’m attaching some info on the agency I work for. I work remot.docx
I’m attaching some info on the agency I work for. I work remot.docx
donnajames55
 
Data Privacy Trends in 2021: Compliance with New Regulations
Data Privacy Trends in 2021: Compliance with New RegulationsData Privacy Trends in 2021: Compliance with New Regulations
Data Privacy Trends in 2021: Compliance with New Regulations
PECB
 

Similar to U.S. Quarterly Privacy Update (20)

Post US Election Privacy Updates & Implications
Post US Election Privacy Updates & ImplicationsPost US Election Privacy Updates & Implications
Post US Election Privacy Updates & Implications
 
The Top Privacy Resolutions to make 2022 Your Most Successful Year
The Top Privacy Resolutions to make 2022 Your Most Successful YearThe Top Privacy Resolutions to make 2022 Your Most Successful Year
The Top Privacy Resolutions to make 2022 Your Most Successful Year
 
The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...
 
Global Evolution of Data Sharing
Global Evolution of Data SharingGlobal Evolution of Data Sharing
Global Evolution of Data Sharing
 
Data Decoded: Understanding India's Draft Data Protection Bill
Data Decoded: Understanding India's Draft Data Protection BillData Decoded: Understanding India's Draft Data Protection Bill
Data Decoded: Understanding India's Draft Data Protection Bill
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Wb 2020-03-25-us-quarterly-privacy-update
Wb 2020-03-25-us-quarterly-privacy-updateWb 2020-03-25-us-quarterly-privacy-update
Wb 2020-03-25-us-quarterly-privacy-update
 
CSR PII White Paper
CSR PII White PaperCSR PII White Paper
CSR PII White Paper
 
Presentation - gener8tor - Data Privacy, Security, and Rights 130627
Presentation - gener8tor - Data Privacy, Security, and Rights 130627Presentation - gener8tor - Data Privacy, Security, and Rights 130627
Presentation - gener8tor - Data Privacy, Security, and Rights 130627
 
SECTOR-SPECIFIC-REGULATIONS-AND-A-FEW-HICCUPS-MORE-U.S.A-AND-ITS-PRIVACY-LAWS...
SECTOR-SPECIFIC-REGULATIONS-AND-A-FEW-HICCUPS-MORE-U.S.A-AND-ITS-PRIVACY-LAWS...SECTOR-SPECIFIC-REGULATIONS-AND-A-FEW-HICCUPS-MORE-U.S.A-AND-ITS-PRIVACY-LAWS...
SECTOR-SPECIFIC-REGULATIONS-AND-A-FEW-HICCUPS-MORE-U.S.A-AND-ITS-PRIVACY-LAWS...
 
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...
 
I’m attaching some info on the agency I work for. I work remot.docx
I’m attaching some info on the agency I work for. I work remot.docxI’m attaching some info on the agency I work for. I work remot.docx
I’m attaching some info on the agency I work for. I work remot.docx
 
Data Privacy Compliance (Series: Corporate & Regulatory Compliance Boot Camp)
Data Privacy Compliance (Series: Corporate & Regulatory Compliance Boot Camp)Data Privacy Compliance (Series: Corporate & Regulatory Compliance Boot Camp)
Data Privacy Compliance (Series: Corporate & Regulatory Compliance Boot Camp)
 
U.S. Data Privacy Report - Patchy preparation for GDPR shows U.S. businesses ...
U.S. Data Privacy Report - Patchy preparation for GDPR shows U.S. businesses ...U.S. Data Privacy Report - Patchy preparation for GDPR shows U.S. businesses ...
U.S. Data Privacy Report - Patchy preparation for GDPR shows U.S. businesses ...
 
WB-2022-01-25-India's Data Protection Bill
WB-2022-01-25-India's Data Protection BillWB-2022-01-25-India's Data Protection Bill
WB-2022-01-25-India's Data Protection Bill
 
Data Privacy Trends in 2021: Compliance with New Regulations
Data Privacy Trends in 2021: Compliance with New RegulationsData Privacy Trends in 2021: Compliance with New Regulations
Data Privacy Trends in 2021: Compliance with New Regulations
 
[Title Redacted for Privacy Purposes]: How Internal Audit Can Help Drive Priv...
[Title Redacted for Privacy Purposes]: How Internal Audit Can Help Drive Priv...[Title Redacted for Privacy Purposes]: How Internal Audit Can Help Drive Priv...
[Title Redacted for Privacy Purposes]: How Internal Audit Can Help Drive Priv...
 
TrustArc Webinar: Level-Up Your Healthcare Privacy Program
TrustArc Webinar: Level-Up Your Healthcare Privacy ProgramTrustArc Webinar: Level-Up Your Healthcare Privacy Program
TrustArc Webinar: Level-Up Your Healthcare Privacy Program
 
UK GDPR: What New Direction?
UK GDPR:  What New Direction?UK GDPR:  What New Direction?
UK GDPR: What New Direction?
 
Marketing Meets Privacy_ What You Need to Know in 2023.pdf
Marketing Meets Privacy_ What You Need to Know in 2023.pdfMarketing Meets Privacy_ What You Need to Know in 2023.pdf
Marketing Meets Privacy_ What You Need to Know in 2023.pdf
 

More from TrustArc

TrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI InnovationsTrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc
 
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
TrustArc
 

More from TrustArc (20)

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
 
TrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI InnovationsTrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI Innovations
 
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
 
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data SecurityTrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
 
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
 
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
 
Nymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 StatesNymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 States
 
CBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy ComplianceCBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy Compliance
 
Everything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdfEverything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdf
 
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
 
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsPrivacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
 
Building Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy CertificationsBuilding Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy Certifications
 
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
 
Artificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI GovernanceArtificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI Governance
 
How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023
 
The Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act:  Using Consumer Data and Maintaining TrustThe Ultimate Balancing Act:  Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
 
The Cost of Privacy Teams: What Your Business Needs To Know
The Cost of Privacy Teams: What Your Business Needs To KnowThe Cost of Privacy Teams: What Your Business Needs To Know
The Cost of Privacy Teams: What Your Business Needs To Know
 
TrustArc Webinar_ How Data Privacy Demands Impact Your Marketing Team.pdf
TrustArc Webinar_ How Data Privacy Demands Impact Your Marketing Team.pdfTrustArc Webinar_ How Data Privacy Demands Impact Your Marketing Team.pdf
TrustArc Webinar_ How Data Privacy Demands Impact Your Marketing Team.pdf
 

Recently uploaded

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Recently uploaded (20)

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 

U.S. Quarterly Privacy Update

  • 1. 1 1 © 2021 TrustArc Inc. Proprietary and Confidential Information. U.S. Quarterly Privacy Update 21 July 2021
  • 2. 2 2 Thank You for Joining “U.S. Quarterly Privacy Update” ● We will be starting a couple minutes after the hour ● This webinar will be recorded and the recording and slides sent out later today ● Please use the GoToWebinar control panel on the right hand side to submit any questions for the speakers
  • 3. 3 3 Speakers K Royal Associate General Counsel & Data Protection Officer TrustArc Jadene Young Manager, Privacy Research TrustArc
  • 4. 4 4 Agenda ● U.S. state and federal legislative updates ● Predictions for managing regulatory priorities ● What to watch for the remainder of 2021
  • 6. 6 6 Poll Question How many do you think will pass in 2021 - in total? ● Only the two which have passed ● 3-5 ● 5-7 ● More than 7 (which is only 5 more) US State Laws
  • 7. 7 7 Poll Question Will Washington pass an omnibus consumer privacy law? ● Yes, 2022 is the year for Washington ● Yes, eventually, not in the next year ● Never
  • 8. Colorado Consumer Privacy Act
      Already announced changes to be made in the signing statement
      Privacy Notice
      Consumer rights - standard 45 day response time, but right to appeal
      Opt out of sales (Sale = money or other valuable consideration)
      Opt out of targeted advertising (with exceptions) and profiling
      Processor obligations
      Minors under age 13 (aligns with COPPA)
      Does not apply to B2B or employment context
      Includes sensitive data
      No private right of action
      No consumer privacy oversight agency
      Enforcement by Attorney General, with an optional 60 day cure period until January 1, 2025
      Interesting - universal opt out mechanism to be determined
      Signed by Governor July 7, 2021
  • 9. Ohio Personal Privacy Act - HB 376
      Privacy Notice
      Consumer rights
      Opt out of sales (Sale = money or other valuable consideration)
      Processor obligations
      Minors under age 13 (aligns with COPPA)
      Does not apply to B2B or employment context
      No definition of sensitive data
      No private right of action
      No consumer privacy oversight agency
      Enforcement by Attorney General after 30 day cure period
      Can seek civil penalties
      Interesting - safe harbor for NIST security program
      July 12, 2021
  • 11. US State Laws Currently Alive & Well
      Massachusetts S46 Massachusetts Information Privacy Act (MIPA)
        ● Full year session - Jan 6 - Dec 31, 2021
        ● Referred to Committee
      New Jersey AB 3283 Disclosure and Accountability Transparency Act (NJ DaTA)
        ● Session January 14, 2020 - January 1, 2021 (introduced 2/25/2020)
        ● Referred to Assembly Science, Innovation and Technology Committee
      New York A 680 / S 6701 New York Privacy Act (NYPA) & A 6042 Digital Fairness Act
        ● 2 year sessions 2021 - 2022
      North Carolina SB 569 Consumer Privacy Act (NCCPA)
        ● 2 year sessions 2021 - 2022
        ● First reading, referred to committee on rules and operations of the senate
      Ohio HB 376 Personal Privacy Act (OPPA)
        ● New July 12, 2021
      Pennsylvania HB 1126 Consumer Data Privacy Act (PCPA)
        ● Full year session - January 5 - Dec 31, 2021
        ● Referred to committee on consumer affairs
  • 13. Sensitive Personal Data (columns: CPA, Virginia CDPA, CPRA, GDPR)
      Racial or ethnic origin: X X X X
      Religious beliefs: X X X X
      Philosophical beliefs: X X
      Political opinions: X
      Union membership: X X
      Mental or physical health: X X (diagnosis) X X
      Sex life or sexual orientation: X X X (+sex life) X (+sex life)
      Citizenship or immigration status: X X
      Genetic data: X
      Genetic / biometric data to identify a person: X X X
      Personal data from a known child: X X Art. 8 for child
      Precise geolocation: X
  • 14. State by State Comparison Updated July 19, 2021
  • 15. Recipe for Success Trends Include Debatable / Discussable Exclude / Don’t Include ● Privacy notice (consumable) ● Individual rights ● Access | Know (confirm) | Delete ● 45 day response time ● Right to appeal ● Define sensitive data ● Minors < 13 ● Vendor contract requirements ● DPIAs / PIAs ● 30 days cure period ● Security requirements ● Individual right to portability ● Controller / processor concepts ● Security audits ● Allow cure period for certain time ● Universal opt-out mechanism ● Security program safe harbor ● Consumer privacy agency ● Private right of action ● Lookback period ● Business-to-Business - explicit exemption ● Employment context - explicit exemption ● Reporting metrics
  • 16. Poll Question: Should states have a private right of action or a state regulatory agency for privacy?
      ● Yes to a private right of action
      ● Yes to a privacy agency
      ● Both of the Above
      ● Neither of the Above
  • 18. Federal Focus
      ● EU - US trade
        ○ Privacy Shield replacement
      ● HIPAA / Healthcare
        ○ Information blocking
        ○ Strong enforcement on individual rights to access (“Right to Access Initiative”)
        ○ Closed on the public comment period for strengthening HIPAA
      ● TCPA Amendments Seek Prison Time for Violations
      ● COPPA: Major Changes to Children's Online Privacy Rules proposed
      ● Court decision: FCRA: US Supreme Court Finds No Concrete Harm, No Standing
      What is happening on the federal level
  • 19. Federal Regulation
      ● Several promising bills have been introduced in the past, with most disagreement centering on private rights of action and federal preemption
      ● Once again, current proposed legislation seems promising
        ○ Information Transparency and Personal Data Control Act - Rep DelBene
          ■ HR 1816
        ○ Most bills target specific areas of privacy - contact tracing, research, etc.
      ● How many state laws will it take to encourage Congress to pass legislation?
        ○ Are the differences among the states operationally impactful?
        ○ Keep in mind, every state has a data breach notification law
      ● Would other federal laws simply be expanded and strengthened?
      ● Consider global implications and impact
      What’s next?
  • 20. Poll Question: What do you think the time frame is for getting a US federal privacy law in place?
      ● This year
      ● Within the next 4 years
      ● Not anytime in predictable future
      ● There shouldn't be one
  • 21. From Washington Post, July 19 - referring to July 14
      ● The quest for federal rules to govern companies that deal in citizens’ personal information has delivered nothing but disappointments. Nonetheless, a commitment last week by key legislators to get comprehensive regulations on the books by the end of 2022, even if doing so requires some compromise, is promising. Reps. Jan Schakowsky (D-Ill.) and Gus M. Bilirakis (R-Fla.) and Sen. Richard Blumenthal (D-Conn.), all chairs or ranking members of relevant subcommittees in their chambers, agreed in a public event on Wednesday that it’s past time to overcome the pesky points of impasse that have doomed past proposals. Key industry and consumer groups made the same pledge.
      ● More contentious all along have been the topics of preemption and a private right of action. Mr. Blumenthal on Wednesday signaled a possible breakthrough on the first: A strong federal standard, he said, would be preferable to a patchwork of state standards — but a patchwork of state standards would be preferable to a weak federal standard. The best solution is probably a form of preemption that overrides only state laws inconsistent with the federal rules, and allows others to stand. The problem of the private right of action is trickier to resolve but resolvable nonetheless. A Brookings report last year mentioned a possible route that involves limiting liability to especially egregious violations, as well as setting a higher bar for violations.
      ● Congress’s aim to do by the end of 2022 what it should have done as long ago as 2012 may be described as unambitious; more generously, it could be described as realistic. Another failure to deliver, however, would surely be embarrassing.
      https://www.washingtonpost.com/opinions/congress-has-another-chance-at-privacy-legislation-it-cant-afford-to-fail-again/2021/05/08/9409fa28-af5c-11eb-ab4c-986555a1c511_story.html
      Statements on point?
  • 23. Thank You! See http://www.trustarc.com/insightseries for the 2021 Privacy Insight Series and past webinar recordings. If you would like to learn more about how TrustArc can support you with compliance, please reach out to sales@trustarc.com for a free demo.