As part of Data Privacy Day 2021, ask yourself, does my business have a Privacy Program in place? Probably not. But should it? That’s a great question for a privacy professional — someone focused on privacy practices, laws, and regulations.
Based on your location, the nature and size of your business, and the data you collect, you may be required to have a privacy program in place. But even if you’re not (currently) required to do so, it may be necessary to keep up with your competitors. Recent surveys conducted by Cisco and TrustArc show that:
- 92% of consumers are concerned about online privacy;
- 84% of consumers want more control over how their data is used;
- 89% of consumers avoid companies that do not protect their privacy; and
- 32% of consumers are not only willing to but have actually changed companies or providers over data-sharing policies.
To understand just how important privacy is in our current society, one need only look at Apple’s most recent OS update and its related changes to the App Store. As of December 14, 2020, any developer submitting an app to the App Store is required to disclose what information is collected by the app developer or its third-party partners and how, specifically, that information is used. Those details are passed on to consumers through “Privacy Labels.” That is, Apple users can now select an app based on what personal information the app collects and what is done with that information.
But even setting aside consumer expectations, 2021 looks to be a landmark year in privacy. The State of New York is poised to pass privacy legislation similar to the California Consumer Privacy Act (CCPA), with some notable differences, including application to a broader business base and a private right of action for general violations. But New York is only one of many states on the cusp of joining California, including Washington, Minnesota, Virginia, and Oklahoma. Others are not far behind. And at the Federal level, on his first full day in office, President Biden immediately acted on the privacy front, appointing Christopher Hoff to oversee negotiations on cross-border data transfers between the US and the EU. Further, lawmakers have signaled an intent to pursue privacy legislation at the federal level.
With consumer expectations on the rise and governments at both the state and federal levels pursuing privacy legislation, now is the ideal time to either start working on or improving the privacy program at your business. Ask us how our privacy professionals can help.
Jeffrey A. May practices in the areas of general business law, intellectual property, and litigation with a focus on the increasingly important area of Cybersecurity and Data Privacy Law. He is credentialed as a Certified Information Privacy Professional/United States (CIPP/US). He has prior experience owning and operating a technology-based business. His experience and education allow him to assist clients with a wide range of business issues and litigation matters. Jeffrey helps clients identify and mitigate risks related to data security incidents and breaches. He also helps with information technology policies and practices, and data sharing arrangements with third parties.
Other posts to consider: