IT - Compliance

Privacy startups are trying to help. One got it wrong

"California's new privacy law was years in the making.

The law, California's Consumer Privacy Act - or CCPA - became law on January 1, allowing state residents to reclaim their right to access and control their personal data. Inspired by Europe's GDPR, the CCPA is the largest statewide privacy law change in a generation. The new law lets users request a copy of the data that tech companies have on them, delete the data when they no longer want a company to have it, and demand that their data isn't sold to third parties. All of this is much to the chagrin of the tech giants, some of which had spent millions to comply with the law and have many more millions set aside to deal with the anticipated influx of consumer data access requests.

But to say things are going well is a stretch..."


Data protection authorities (DPAs) are rapidly increasing their GDPR enforcement activities and here are some trends coming to surface

"You read that right: GDPR enforcement is on fire! While fines are not always particularly high, our analysis shows that, in terms of volume, data protection authorities (DPAs) are rapidly increasing their GDPR enforcement activities. Some interesting trends are also emerging:

  • DPAs have levied 190 fines and penalties to date. With 43 enforcement decisions made so far, Spain leads the pack as Europe's most active regulator, followed by Romania (21) and Germany (18). The UK has imposed the highest total amount of fines -- more than 315 million Euros -- if both British Airways' and Marriott's fines are upheld after appeal. Following are France's Commission Nationale de l'Informatique et des Libertes, with just over 51 million Euros in fines, and Germany's DPA, at nearly 25 million Euros..."

See all Archived IT - Compliance articles See all articles from this issue