Page 62 - Cyber Defense eMagazine August 2023
P. 62
Why You Should Prioritize Your Privacy
Policies
By Jason M. Schwent, Senior Counsel, Clark Hill
The enactment of the California Online Privacy Protection Act of 2003 created a need for commercial
websites in the United States to provide an online privacy telling visitors how a company collects
information from visitors of the site, how that information may be shared with others, and information on
the process for accessing that information. Since that time, privacy policies became a somewhat routine
and ubiquitous part of commercial websites. The preparation of those privacy policies was fairly
innocuous and straight forward—often little more than a simple, accurate, recitation of company practices
would suffice. But with the proliferation of state consumer data privacy laws and more enforcement
activity by the Federal Trade Commission (“FTC”), the simple privacy policy is fast becoming a key
regulatory disclosure, uniquely indicative of a company’s compliance practices and procedures.
Modeled in part on the expansive European Union’s General Data Protection Regulations (GDPR) which
went into effect in 2018, state consumer privacy laws push companies to be more open with the public
about their collection, use, and sharing of information they collect. Since 2018, the number of state
consumer data privacy laws has quickly increased. Following the GDPR lead, states, again starting with
California and the California Consumer Privacy Act, began passing comprehensive consumer data
privacy regulations aimed at giving consumers increased rights in and to the information they provide to
companies. Similar bills have now been passed in Colorado, Utah, Virginia, Connecticut and have been
updated in California with the California Privacy Rights Act of 2020. In the past year alone, legislatures
Cyber Defense eMagazine – August 2023 Edition 62
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.