It’s finally 2023: the year of data privacy. Well, that’s what we’re calling it anyway. New laws were passed on January 1, 2023 – most notably, the Virginia Consumer Data Privacy Act (VCDPA) and the California Privacy Rights Act (CPRA).
Later on, this year, the Colorado Privacy Act (CPA), the Connecticut Data Privacy Act (CTDPA), and the Utah Consumer Privacy Act (UCPA) are also set to be enacted.
The General Data Protection Regulation (GDPR) has updated its requirements, and Quebec is set to add new provisions to its privacy laws as well.
Whew! That was a mouthful. But guess what? There’s more. When it comes to data privacy in 2023, there’s alwaysmore.
Google has settled several outstanding lawsuits for privacy breaches and is still facing others. And Meta continues to be under fire for trying to bypass the GDPR. As you can see, we’ve got a lot to cover this week. Let’s dive right in.
What is Bill 64?
Bill 64 is Quebec’s law that specifically addresses data privacy. While it was enacted in September 2022, new provisions are being added in September of 2023. They include:
Clear, understandable website disclosures, notices, and privacy policies
Privacy by default
Privacy Impact Assessments (PIA)
Right to request, correct, or delete personal data
Individual right to sue businesses for non-compliance
These provisions do not replace the 2022 provisions. Rather, they are an addition to them. If your business is based in Quebec, does business in Quebec, or handles data from users in Quebec, you are subject to these laws. The fines for non-compliance are no joke, either. Depending on the size of your business, the number of users affected, and the seriousness of the offense, you could lose a hefty chunk of cash in a very short time.
In today’s economy, this isn’t a risk that any business wants to take – so keep your eye on Bill 64!
Will Google ever recover from its recent wave of bad publicity?
Google has been under fire for a while now due to data privacy concerns. As it turns out, the past few years were just the beginning. In addition to the discovery that Google Home speakers could be hacked, fines are being handed out left and right for the tech mogul.
A recent $29.5M settlement brings the total of their lawsuits up to $391.5M. Even for Google, that’s a hefty price to pay. And remember, all of this could have been avoided if the tech giant had stayed in compliance with local and global data privacy laws.
Due to its prevalence, Google will likely survive, but small to medium-sized businesses will not have that luxury if they are hit with large fines and loss of reputation. With many fines starting at $7,100+ per violation, you could be facing big hits that your business can’t afford to take.
Why is Meta being fined…again?
Oh, Meta. We hardly have words. After being fined for violating user rights under GDPR, Meta doubled down and appealed a bypass of the rules. The GDPR said “Nope!” This decision was just confirmed in December 2022.
That brings Meta’s total fine up to $390M. Almost as much as Google’s fines. But there’s something more to consider. Overall, Meta has been fined over $900M by the GDPR. In essence, they’re being blacklisted in the EU for repeated infractions.
On the issue of Meta, Max Schrems says:
"Instead of having a 'yes/no' option for personalized ads, they just moved the consent clause in the terms and conditions. This is not just unfair but clearly illegal. We are not aware of any other company that has tried to ignore the GDPR in such an arrogant way."
Yikes. It sounds like they better watch their step in 2023.
Apple just got a bite taken out of its revenue for not being compliant.
Even though Apple supposedly prides itself on being a data privacy champion, they aren’t safe from scrutiny. This time, France imposed a $9M fine based on a 2021 complaint. Apple did not obtain proper consent from its users – and now they’re paying the price.
My business isn’t anywhere near as large as Google or Meta. What do I have to worry about data privacy?
Don’t be fooled. Just because you own a small to medium-sized business, you’re not exempt from the law. And as lawmakers and regulators become stricter, you’ll need to be extra careful to stay in compliance.
From cookie banners and consent preference management to data subject access request management and rules that vary by city, state, and country, complying with data privacy is no joke. In 2023, you’ll definitely need a robust Consent Management Platform (CMP) to keep your business safe.
Sounds complicated? It’s not! The right CMP can get you up and running in just about 30 minutes, and you’ll be compliant with laws and regulations.
At Adzapier, we’re committed to helping your business succeed, even in a shifting privacy landscape.
Just get in touch with one of our privacy experts today to get started. Then, sign up for a 14-day free trial and see for yourself just how easy it is to be compliant.