In the digital age, data is everything. “Big Data” feeds countless business processes and offerings. Businesses rely on data to enhance revenue and drive efficiency, whether by better understanding the needs of existing customers, reaching new ones in previously unimagined ways, or obtaining valuable insights to guide a wide array of decisions. Data also drives developments in artificial intelligence, automation, and the Internet of Things. Come 2020, the California Consumer Privacy Act (“CCPA”) may significantly impact businesses’ data practices, with new and burdensome compliance obligations such as “sale” opt-out requirements and, in certain circumstances, restrictions on tiered pricing and service levels. This entry in Hogan Lovells’ ongoing series on the CCPA will focus on implications for data-driven businesses–the rapidly increasing number of businesses that rely heavily on consumer data, whether for marketing, gaining marketplace insights, internal research, or use as a core commodity.
Data brokers are organisations that obtain data from a variety of sources and then sell or license it to third parties. Many trade in personal data, which is purchased by their customers for several purposes, most commonly to support marketing campaigns. The UK data protection regulator has for some time been actively enforcing against organisations who buy individuals’ personal data for direct marketing purposes without first conducting appropriate due diligence to ensure that those individuals have adequately consented to receiving marketing communications. However, in a recently issued monetary penalty notice, the ICO indicated that it may be shifting its enforcement strategy. This post discusses the latest developments.
April 15 marked the release of the long-awaited customizable version of the Model Privacy Notice, a form that provides a safe harbor for compliance with the notice requirements of the Gramm-Leach-Bliley Act (GLBA). Read more about in this entry.
Yesterday the financial regulatory agencies issued a model notification form for Gramm Leach Bliley Act consumer notices, Use of the new model form provides a “Safe Harbor” for covered entities required to provide consumer notices of data sharing practices. A link to the new form is contained within this blog entry.
Recently-enacted amendments to the Montana and North Carolina data breach notifications go into effect today, October 1, 2009. North Carolina. The amendment to North Carolina’s statute increases the state’s notification requirements for smaller breaches. Under the amended law, businesses and public agencies are required to notify the state attorney general every time a resident is notified. Prior to […]