Connect with us

Big Data

California’s Proposition 24 Confirms the Fate of Data Privacy

Avatar

Published

on

Click to learn more about author Kyle McNabb.

The rolling thunder of data regulations rumbles on — much to the dismay of companies and the delight of consumers. The latest rainmaker (or taker) is California’s Proposition 24. This consumer privacy ballot initiative, containing the Consumer Privacy Rights Act (CPRA), was passed on November 3, 2020, establishing a new standard for data privacy in the state. The CPRA builds on the California Consumer Privacy Act (CCPA), addressing its predecessor’s shortcomings and expediting California’s legislation on data privacy.

While Proposition 24 has been nicknamed CCPA 2.0, it is much more than another drop in the regulatory bucket. It will enforce new requirements that companies must take note of and prepare for — both with their compliance strategies and long-term approach to data privacy, which is clearly here to stay.

What Does
Proposition 24 Mean for Data Privacy?

There is a
key difference between the CCPA, which just became enforceable months ago, and
Proposition 24 (and the CPRA). Proposition 24 will become a state law as
written, not legislatively-enacted — which means it can’t be amended without
more voter action, like another ballot initiative. Why does this matter?

The passing
of Proposition 24 in California is further proof that consumers want a say in
how they are tracked on the internet and how their data is used by companies. They
feel so strongly about these rights that they’ve already improved upon the CCPA
and ensured these improvements were more legislatively permanent. That’s
telling. Proposition 24 represents more than a surge in regulations — it
embodies an awakening of the modern consumer.

With a
greater burden placed on businesses to stay on top of cybersecurity audits and
risk assessments, it’s increasingly important they have a handle on how much
data lives within their organization, how sensitive it is, and how much risk is
involved in their handling of that data.

How Does
Proposition 24 Change the CCPA?

The new legislation will ultimately strengthen and give new teeth to the existing CCPA by creating new privacy rights for consumers, obligations for businesses, and enforcement mechanisms through a new state agency. Under Proposition 24, consumers gain the right to:

  1. Correct personal information
  2. Know the length of data retention
  3. Opt-out of advertisers using precise
    geolocation
  4. Restrict usage of sensitive personal
    information

While the
new legislation does roll back requirements on companies to respond to
individual data requests and provide full data reports, other laws still require
businesses to provide individuals with information about how their data is used.
In other words, companies shouldn’t be thinking about relaxing any data privacy
and security efforts they have in place. Instead, businesses should look out
for four big changes from Proposition 24:

  1. It defines a new category of “sensitive personal information,” which
    is broader and stricter than just “personal information.” For instance, new
    stipulations include increasing penalties three times for violations concerning
    consumers younger than 16 years old.
  2. It creates a new state agency: the California Privacy Protection
    Agency (CPPA), the first of its kind in the United States. The CPPA will have
    full administrative power and oversight for enforcement, including audits.
  3. It prohibits precise geolocation tracking to a location within roughly
    250 acres. To accommodate this change, companies will have to adjust their data
    collection processes.
  4. It allows consumers to limit the use and disclosure of sensitive
    personal information based on the broader category.

The key
here is that the legislation still gives consumers data rights they didn’t have
previously, and companies will need to actively make changes to their data
collection practices.

How Should Companies
Prepare for Proposition 24?

While the
new legislation won’t go into effect until the start of 2023, consumers’ right
to access their personal information will extend back to data collected by
companies on or after January 1, 2022. That gives businesses just a year to
prepare for these massive changes, so it’s critical they begin their
preparations now. In fact, state-specific legislation will drive data privacy
regulations to go national. To prepare for the future, businesses must invest
in tools that make it easier to protect the privacy of consumers’ information
and govern that information in compliance with regulations.

Organizations need to build trust with their data — knowing where it lives, where it came from, and who has touched it. For many companies, trust begins with building an automated “as is” data inventory, which collects metadata from sources inside and outside the business. Proposition 24, like other data privacy regulations, requires that companies can quickly locate all sensitive personal information to respond to data consumer requests or opt-outs. A data inventory automates the scanning and identification of sensitive personal data across the entire organization — giving companies a full view of the information they have and where it is.

That said, data intelligence is not enough for compliance alone — companies also need visibility into where sensitive personal information resides within their documents, content, and records, too. This is a major roadblock for companies. Most businesses lack the ability both to find sensitive information within content and to associate that information with a specific person — and it’s only getting worse with remote work and content sprawl. Companies must operationalize privacy compliance in order to adhere to consumer requests around their data. They need a governance strategy that can locate personal information anywhere in the enterprise. Having solutions with capabilities such as rules-based retention, redaction, and auditability of access makes this process much easier, especially when responding to consumer questions/requests.

By implementing a privacy-aware information management
strategy — for both structured and unstructured data — organizations can
understand their entire ecosystem. Heading into 2021, it will be increasingly
important to proactively seek out dark data, tackle compliance, and prepare for
current and future data privacy regulations like Proposition 24.

It’s no longer enough to simply manage data and content.
As the GDPR, CCPA, and now CPRA have shown, data privacy regulations will only
keep coming — and they will be increasingly targeted, intentional, and perhaps
even stricter. Companies outside of California, or the EU for that matter, must
resist the urge to turn a blind eye while they are not the direct subjects of
data regulations. Because while data privacy laws may sound like distant
thunder today, the lightning is on its way.

Source: https://www.dataversity.net/californias-proposition-24-confirms-the-fate-of-data-privacy/

Big Data

Avatar

Published

on

Continue Reading

Big Data

Avatar

Published

on

Continue Reading

Big Data

Avatar

Published

on

Continue Reading

Big Data

Avatar

Published

on

Continue Reading
Big Data3 days ago

Online learning platform Coursera files for U.S. IPO

Blockchain5 days ago

Elrond & Reef Finance Team Up for Greater Connectivity & Liquidity

Blockchain4 days ago

Non-Fungible Tokens – NFT 101 – Why People are Spending Millions of Dollars for Crypto Art and Digital Items

Blockchain5 days ago

eToro and DS TECHEETAH Change Face of Sponsorship With Profit-Only Deal

Blockchain5 days ago

Apple Pay Users Can Now Buy COTI Via Simplex

Business Insider3 days ago

Wall Street people moves of the week: Here’s our rundown of promotions, exits, and hires at firms like Goldman Sachs, JPMorgan, and Third Point

Blockchain5 days ago

TomoChain (TOMO) Increases after Retesting Previous All-Time High

Blockchain5 days ago

Tron Dapps Market Gets A Boost As Bridge Oracle All Set to Launch MainNet Soon

Blockchain5 days ago

Bitcoin (BTC) Rejected After Sprint Past $50,000

bitcoin cheat sheet close up
Blockchain4 days ago

Bitcoin “Cheat Sheet” Calls For Next Leg Up To $77K

Blockchain5 days ago

Bitcoin SV, Uniswap, Zcash Price Analysis: 04 March

Blockchain5 days ago

Enjin Unveils Plans to Become a Multi-chain Ecosystem for NFTS

Business Insider3 days ago

‘We’re in a very unusual situation’: A 48-year market vet breaks down why stocks are hurtling towards an 80% drop this year – and says gold will soar to $2,500 as soon as Q2

Blockchain5 days ago

Ripple CEO Files Dismissal Motion on SEC Charges

Blockchain5 days ago

Announcing TGE: Taraxa Wants to Put Every Informal Transaction on the Record, Unveils Details About the Upcoming Public Sale

Blockchain5 days ago

EOS, Crypto.com Coin, Dash Price Analysis: 04 March

Blockchain5 days ago

BitCasino Introduces Cardano Payment Method – Gives Away ADA

Blockchain5 days ago

Tim Draper believes Netflix could be next to invest in Bitcoin

Blockchain5 days ago

Top New York Executive Sees Bitcoin Price at $150,000 by Q1/2022

Blockchain5 days ago

DeFi Project Meerkat Suspected of $31 Million Rug-Pull

Trending