Companies are often required to collect sensitive data from consumers, such as personally identifiable information. This sensitive data is a target for cyberattacks. In response, governments worldwide have been working to establish strong data privacy standards. Prominent examples are the EU’s 2018 General Data Protection Regulation and the 2020 California Consumer Privacy Act. Other states are following California’s lead, resulting in uneven consumer protections and a complex minefield of standards to which companies will struggle to adhere.
The best solution for keeping consumers’ sensitive private data secure is a comprehensive national standard. Such regulation would address how to define and protect sensitive personal data and de-identified data; establish minimum standards of protection and care; and outline uniform rules governing data protection, security, breach notification, and regulatory oversight. This unform approach will ensure the greatest security for consumers while simultaneously mitigating excessive costs and complexities for the companies that store their information.
ITSP Magazine NTSC Podcast Series: Episode 1 (Federal Data Privacy) (April 13, 2020)
Privacy Expert Jodi Daniels Publishes CCPA Amendment Summary and Field Guide (December 19, 2019)
Data Privacy for a New Decade: 2020 New Year's Resolutions for CISOs (December 16, 2019)
What Every CISO Should Know About Marketing Ad Tags (April 8, 2019)
5 Reasons Why Privacy Leaped Forward in 2018—and What It Means for 2019 (December 20, 2018)
CISOs Should Take a Nod from Article 38 (July 16, 2018)
Council of Foreign Relations Wants US Baseline Data Protection Law (February 7, 2018)
Why CISOs Should Care About Developments in the EU (April 18, 2017)
U.S. Businesses Need to Prepare Now to Align with EU Privacy Law (January 30, 2017)