Updated: May 26
2021 research by DLA Piper reported a 19% increase in the number of breach notifications from last year, and the trend is expected to continue over the next four years. The report indicates an additional eight breaches per week compared to 2018.
The report shows that breach notifications rose by 53 daily in one year, a sign that companies appreciate the need for better security. This may be attributed to 2020 data-protection laws, which signify support from the authorities to ensure users have data privacy.
The California Consumer Privacy Act, similar to GDPR, went into effect on July 1st, 2020. The privacy act affects any organization selling products or services or managing data in the state regardless of their location.
The act put consumers in the driver’s seat when it comes to the data businesses collect about them. CCPA enables them to:
Ask which personal data is collected, and how it will be used and shared;
Opt out on the sale of their data;
Delete personal data collected by businesses; and
Fight discrimination that may arise when exercising their CCPA rights. .
After California was introduced (CCPA), other states are following in its footsteps to make their citizens’ data safe. Colorado privacy act goes into effect on July 1, 2023, becoming the third U.S. state to protect its citizen data. Virginia is working on its own privacy act (CDPA), which will go into effect later the same year.
In the public eye- tech giants seem to be doing whatever they please without repercussions, but this may be catching up with them.
A GDPR fine of $528,000.00 in a cross-bored case hit the US tech giant Twitter. This was due to a failure to protect personal data and adequately inform users after an account breach in 2019.
The breach only became known this year when the social network began emailing affected users. Controversially, many felt that GDRP has failed in its aim, given that this was a relatively small amount of money (compared to some other GDPR fines).
The privacy act had its shortcomings in 2019. For example, the two most talked-about fines are the EU GDPR fine for the Austrian Post and the 18-million-euro GDPR penalty for the Austrian Post. The first one was overturned at the end of 2020, while the second was formally annulled, then the fine was significantly reduced (Marriot and British Airways).
The fine was reduced since the ruling found that the case related to the very unfortunate Coronavirus pandemic. As a result, all fines previously imposed relating to GDPR have been reviewed and reduced since they did not show the business in violation had malicious intent.
Interestingly, Google seems to be a repeat offender both in terms of its average fine and the highest penalty incurred - the amount of GDPR fines collected so far is roughly $355 million.
Highest Fine- Google Inc- $56.6 million
Smallest Fine- Google Ireland Ltd. - $32 million
The fines issued to companies that violate the GDPR rules seem particularly large, which can impact the public.
Violations Under, CCPA
Since January 1, 2020, several cases have been brought against companies, that seem to violate the California Consumer Privacy Act. However, CCPA does not have a private right of action for non-security breach infractions.
It's alleged that violations are being used as a basis for claims under unfair competition laws, and in some instances, plaintiffs are directly bringing suits under the CCPA.
Zoom Video Communications is facing several lawsuits over the collection and use of PII, including failing to prevent unauthorized disclosure.
Facial recognition giant ClearviewAI has been accused of “uneven collection and sale of personally identifiable information (PII)” under the CA Consumer Privacy Act (CCPA) and a new law in Illinois called the Biometric Information Privacy Act (BIPA).
Meet the Data Privacy Compliance Automation Solution That You Have Been Waiting For
Consent Management Platform (CMP) is a cloud-based solution that simplifies this complex regulation and helps small and medium businesses and enterprises be privacy regulation-compliant and consider validation of your privacy compliance.
Monitoring compliant data and ensuring a set of records of regular activities
Integration with multiple CRM
An intuitive dashboard with all the data points integration of segments and categories of data.
First & third-party management
Check us out on LinkedIn for more great content- make sure to follow us!
Start with Adzapier's 30-Days Free Trial and never worry about complex privacy regulations again.