How to Comply With Data Privacy Laws
By Robyn Anderson
I recently read that the global population creates 2.5 quintillion bytes of data each day, and that 90 percent of the world’s data was created in the past two years. By 2020, it's estimated that 1.7MB of data will be created every second for every person on earth. At the same time, we have become increasingly concerned about privacy and control over our information.
This tension has resulted in an avalanche of new and anticipated privacy regulation. From the European Union General Data Protection Regulation to the California Consumer Privacy Act, and the 16 states that considered comprehensive privacy legislation this year, the impact of privacy regulation will only multiply in 2020.
How do we prepare given we don’t yet know the specifics of the regulation(s) that may impact our businesses? There are some common themes among the varying proposals that give us clues. First, the concept of consumer nonpublic information is expanding beyond the common definition to include Information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a consumer. Second, consumers are granted the following rights:
The right to:
- Access personal information collected
- Access personal information shared with others
- Correction/rectification
- Deletion subject to certain exceptions
- Restrict collection and/or processing
- Opt-out from the sale or sharing of personal information
- Data portability
- The prohibition on discrimination as against a consumer for exercising a privacy right
This is a daunting list for any business but there are things we can do now to prepare. During the ALTA ONE Privacy Horizon session, we will discuss:
- How to conduct a data inventory to determine what types of personal information your business collects, discloses and sells and where it resides in your system
- What to consider in external privacy notices as well as internal policies and procedures
- How to address third-party business relationships
- Employee training
- Consumer requests
The future of data privacy is here. Come join the conversation at ALTA One, hear how we can prepare now, and how your business can benefit from knowing your data.
Robyn Anderson, chief cybersecurity and privacy counsel for Old Republic National Title Insurance Company, and Christopher Gulotta, founder of Real Estate Data Shield, will lead a session titled “Data Privacy Horizon” at ALTA ONE in Austin, Texas. Click here to register.
Comments