“The times they are a-changin’,” Bob Dylan sang almost 60 years ago. And when it comes to consumers’ reasonable expectations of privacy, they are still a-changin.
I recently participated in a panel hosted by Usercentrics that focused on the cluttered mess of privacy laws that currently govern the United States.
Here are some of the key takeaways:
We have “just” five comprehensive data privacy laws in the U.S. right now, and “only” two are in effect. But we have about 20 comprehensive state privacy bills in the pipeline and a bunch of state biometrics bills, children’s information bills and health information bills. It is still too early to call time of death on the American Data Privacy and Protection Act (ADPPA), which is the closest thing the United States has ever come to a federal privacy law. It could experience a Phoenix resurrection with a Congressional committee hearing set for March 1. What should you do about all the different laws? Handle the core obligations. Start with transparency (even President Joe Biden said so in his State of the Union), address your sensitive information, figure out your sale share in websites and in software development kits (SDKs) (The California Attorney General’s Office said this is yet again an enforcement focus this year.) When looking at transparency and choice, you should mind your consumer expectations, because, just like the times, they are a-changin’ too. Who cares about IP and pixels? Who cares about data sharing? Ten years ago,
Read more