Yaron Dori’s Post

This blog post discusses the most important provisions proposed as part of the California Privacy Protection Agency’s Delete Act rulemaking, which amends California’s existing Data Broker Registration law and imposes more obligations on data brokers

💡 How does Nebraska’s privacy law stack up to other states? The Nebraska Data Protection Privacy Act (NDPA): ✔️ Stands out with its broad applicability—no revenue or data volume thresholds! This means it covers any company targeting Nebraska residents (though similar to Texas, small businesses do get exemptions). ✔️ Has a permanent 30 day cure period, locking in businesses' grace period to address violations ✔️ Sports a broad definition of "Sale," similar to that in California ✔️ Gives consumers expanded deletion rights, requiring business to delete data obtained from other sources, such as third-party vendors Learn more about what the NDPA requires and how businesses can prepare ➡️ https://lnkd.in/g4KPz496

This blog post discusses the most important provisions proposed as part of the California Privacy Protection Agency’s Delete Act rulemaking, which amends California’s existing Data Broker Registration law and imposes more obligations on data brokers

Fifteen state attorneys general are making a stand, urging Congress to respect and not override existing state privacy laws with new federal legislation. The American Privacy Rights Act (APRA) threatens to preempt laws in 17 states that already have strong consumer privacy protections, including California's landmark legislation. These attorneys general argue that states are better positioned to nimbly adapt to the fast-paced changes in technology. Furthermore, the APRA's strict measures would even impede state investigations into privacy violations, significantly curtails their tools for consumer protection. California Attorney General Rob Bonta underscores the importance of preserving state rights to address privacy concerns swiftly in a tech-driven world. This push back isn't just a legal scuffle—it's emblematic of the ongoing debate over the balance of power in data privacy regulation. Navigating this landscape is crucial to safeguarding consumer rights without stifling innovation. What are your thoughts? Should federal regulation take precedence, or should states continue to lead in this space? Let's discuss! #PrivacyLaw #DataPrivacy #ConsumerProtection #TechPolicy #StateVsFederal #APRA #InnovationAndRegulation

California Privacy Regulations Come into Effect A California court has lifted a stay, allowing enforcement to begin immediately for regulations governing the state's recently amended privacy law, the California Privacy Rights Act (CPRA). These regulations address practical aspects of data collection and consumer rights, focusing on: · Clear and accessible consent: Businesses must present consent information clearly, even on small screens, in disability-friendly formats, and in all website languages. · Avoiding manipulative practices: Businesses must avoid "dark patterns" that pressure users into consent, like prominent "yes" buttons and hidden "no" options. · Comprehensive privacy policies: Businesses must disclose details about collected data, including categories of information, the purpose of collection, consumer rights, and browsing privacy signals. · Transparent data collection notices: Businesses must provide clear notices at the time of data collection, detailing the information collected, the purpose of collection, and a link to the relevant privacy policy section. ·  Stronger service provider contracts: Contracts with service providers must outline specific purposes for data processing, prohibit data misuse, allow businesses to assess compliance, and ensure the provider can meet CPRA requirements. This enforcement marks a significant step towards protecting consumer privacy in California, potentially leading to increased action against non-compliant businesses. If you need information on how to proceed with privacy regulations or would like a free consultation on your data privacy risk, please email MatrixPoint at info@matrixpointconsulting.com https://lnkd.in/eXKUNzG8

This blog post discusses the most important provisions proposed as part of the California Privacy Protection Agency’s Delete Act rulemaking, which amends California’s existing Data Broker Registration law and imposes more obligations on data brokers

Consumers increasingly see their personal data being collected, used, shared, sold and even stolen. Are U.S. policy makers able to craft a comprehensive federal privacy law that strikes a delicate balance between protecting consumers and safeguarding business interests? Bill Tolson of Tolson Communications LLC dives into this question in his latest guest post: https://lnkd.in/grJa8ESN #ADPPA #APRA #FederalPrivacyLaw #PrivacyLaws #Data #RegulatoryCompliance #Smarsh

Rhode Island's legislature has passed and sent H 7787, the Data Transparency and Privacy Protection Act, to the governor. Though missing elements like universal opt-out mechanisms and data minimization requirements, this bill mandates controllers to publicly disclose third parties to whom they have sold or may sell customers' PII. Unlike Oregon and Minnesota, Rhode Island requires this list to be posted prominently on websites or online services, enhancing transparency. #DataPrivacy #LegalUpdate #RhodeIsland #AdvertisingLaw #PrivacyProtection #PII https://lnkd.in/efktnAtD

🚨#NEW: Tuesday, Governor McKee enacted the Rhode Island Data Transparency and Privacy Protection Act (#RIDTPPA), making Rhode Island the 19th state overall and the 7th state in 2024 to enact a comprehensive privacy law. A blog post by FPF’s Policy Counsel for U.S. Legislation Jordan Francis focuses on three aspects of #RIDTPPA: 1️⃣ Commercial websites and internet service providers that collect, store, and sell personally identifiable information (PII) have to provide a privacy notice identifying the third parties to whom they have sold or may sell PII. 2️⃣ #RIDTPPA lacks core obligations and rights that the majority of state comprehensive privacy laws include, such as a data minimization obligation. 3️⃣ The law’s civil penalties are higher than what is typical under comparable laws, for example, violations for intentionally disclosing personal data in violation of the law come with an additional penalty of $100-500 per disclosure. Dive further into highlights of #RIDTPPA and how it compares to other privacy laws ⬇️ https://lnkd.in/gTkefBF7

Join Turnkey and BigID on June 4th for an essential webinar on new penalties, enhanced consumer rights, and practical compliance steps. Learn how these changes will impact your operations and how to stay compliant. Reserve your spot now: https://hubs.ly/Q02ytbJQ0 #DataPrivacy #Compliance