Concord Privacy News: 08/22/22
More States Enact Data Privacy Laws While Federal Legislation Gains Ground
This year we’ve seen a number of additions to the growing list of states that have passed data privacy legislation. In March, the Utah Consumer Privacy Act was signed into law, and in May, Connecticut signed into law its Act Concerning Personal Data Privacy and Online Monitoring--both of which bear some resemblance to the California Consumer Privacy Act. Other states, including Oklahoma, Maryland, Rhode Island, and Vermont, have all taken up data privacy policy in recent legislative hearings, reflecting a growing concern for data privacy and protection.
Even more telling is the American Data Privacy and Protection Act, which the U.S. House Energy and Commerce Committee introduced in June. While the fate of ADPPA is yet to be determined, the mere fact that this legislation was introduced is an important first step towards passing comprehensive national privacy legislation.
Regardless of legislative outcomes, data privacy is top of mind for states and consumers across the country. It’s never been a better time for companies to assess their data privacy readiness and compliance. Concord offers privacy reviews to help organizations plan and implement privacy-by-design practices that provide the right controls and protections for their users, build loyalty, and decrease abandonment.
Contact Concord and get your free privacy review today.
Other Privacy News of Note
US senators introduce bipartisan Improving Digital Identity Act
U.S. Sens. Kyrsten Sinema, D-Ariz., and Cynthia Lummis, R-Wy., introduced the Improving Digital Identity Act of 2022. The legislation would create a public-private taskforce to develop ideas to improve cybersecurity while encouraging states to allow citizens to access “critical services” online. The bill would establish digital identity grants for states and tribes that could include digital driver’s licenses. It would also require federal agencies to strengthen the “security, accessibility, and privacy” of their networks. Read more
Google analytics runs afoul of GDPR
Recent reports from several European Data Protection Authorities (DPAs), the bodies empowered to regulate consumer privacy under the General Data Protection Regulation (GDPR), have ruled that Google Analytics violates the law. DPAs in Austria, France, and Italy have found that the tool, which allows website owners to track and analyze traffic to their sites, impermissibly passes European user data back to the United States without adequate safeguards. Read more
Average data breach costs hit a record $4.4 million, report says
Data breach costs keep going up, and consumers are likely paying for them. The average cost of a data breach rose to an all-time high of $4.4 million this year, according to the IBM Security report released Wednesday. That marked a 2.6% increase from a year ago and a 13% jump since 2020. Read more