The Data Privacy Detective turns the spotlight on five American data privacy developments in a conversation with Melissa Kern, Co-Chair of Frost Brown Todd’s Privacy and Data Security Team.
- California’s data privacy law, CCPA, comes into force in 2020. It’s occupied attention because of California’s size and its potential extraterritorial application. It provides limited rights for individuals to sue companies that violate CCPA, restricted to certain cases of data breach. Privacy advocates were disappointed when the California State Senate rejected a bill to empower individuals to sue companies that violate any part of CCPA, a big win for the tech sector in America’s largest state.
- In the absence of an overarching U.S. law, the statutory action in data privacy has been on a state level, as in California. But the Network Advertising Initiative foresees the need for national standards and intends to fill that role as a Self-Regulatory Organization (SRO) rather than have a national law that could be less friendly to business interests. It issued a revised Code of Conduct 2020. A key upgrade requires opt-in consent of persons whose location data will be collected from various devices.
- WhatsApp users were stunned to learn that spyware could be implanted on their phones without their knowledge. WhatsApp promptly issued an upgrade to be downloaded at no charge that was said to fix this stealth attack, permitted by exploitation of a buffer-overflow vulnerability. Another privacy embarrassment for Google, though one promptly addressed.
- San Francisco became the first city known to prohibit use by city agencies of facial recognition technology. Other cities are considering similar bans. Unlike local laws banning cameras to catch drivers going through red lights, this ban restricts the use of analytical technology without barring devices that take photos without our express okay.
- Google is rolling out settings on its Chrome browser that will enable users to delete 3d-party cookies. This will be optional, as some individuals may want to go to their grocery store and have their device tell them about a discount on their favorite foods and beverages without being asked. Others find it creepy that our whereabouts are not only being monitored by third parties but are used to stay in touch with us without our asking them to come along for the ride.
Business Resources for the California Consumer Privacy Protection Act (CCPA)
- CCPA Checklist
- CCPA Flowchart
- CCPA FAQ
If you have ideas for more interviews or stories, please email info@thedataprivacydetective.com.