Picture of Lily Li on Critical Mass Radio

Metaverse Law on Critical Mass Radio Show

California Privacy Law, Privacy Law ,

On February 13, 2019, Lily Li of Metaverse Law appeared on Critical Mass Radio Show to discuss trends in privacy law and general pointers for businesses. Three takeaways from the show include:

  1. Regardless of the size of your company, consider data privacy. The size of your company itself is not as relevant as is the customer data you process. Even if you are a small company, but have a large customer base, chances are you should be looking at the data privacy regulation in your state. If you have customers overseas, such as in Europe, it is important to realize that you will then fall under European privacy laws. Privacy laws have to do with where your customers are, rather than simply where your company is based. Be aware and do your research to ensure that you are complying to the regulation that impacts your firm.
  2. Data belongs to the individual. While in the past, customer data was thought of as the company’s intellectual property, this is no longer the case. Customer data belongs to the individual, so treat it like it is their property ­ not just yours. Your clients have the right to tell your company what they want (and don’t want) done with their data, so it is crucial to ensure that you have a process in place to comply and verify with your customer.
  3. Put your data house in order. Data security affects many departments in your company, from the front end to the back end. As such, it is important to find a workflow so customer data is protected throughout its entire life cycle. Start by gathering all of your company’s department heads together in a room and ask them this key question: “Where do you store data?” From there, it will be clear what needs to be addressed when it comes to your data.

Listen to the full interview here:

Pole with sign saying "future".

Privacy Law Forecast for 2019

California Privacy Law, GDPR, Privacy Law , , , , , , , ,

Image Credit: ID 23689850 © Steve Ball | Dreamstime.com

This past year was quite a whirlwind for privacy and cybersecurity watchers. Just to sum up a few of the top events of last year:

  • Facebook’s Cambridge Analytica scandal rocked political headlines
  • Europe introduced the GDPR, the most comprehensive data protection legislation to date in the world
  • California enacted the California Consumer Privacy Act, becoming the first US state to create GDPR-style rules
  • Google came under fire for allowing app developers to read your email, and track your location (even with location tracking off!)
  • Marriott’s guest reservation system was hacked, exposing the personal information of up to 500 million guests, including passport numbers and payment numbers for some of those hacked

What will happen in 2019? Here are our top 5 predictions:

Continue Reading Privacy Law Forecast for 2019

Image of gears directing arrows to shield.

California Consumer Privacy Act vs GDPR – How to Maximize Your Privacy Compliance Program

California Privacy Law, GDPR, Privacy Law , , , , ,

California’s recent passage of the Consumer Privacy Act of 2018 now places the world’s fifth-largest economy under European style data protection rules. Given the new law, US businesses that were previously hesitant to implement GDPR are now reconsidering their position.

Luckily, the GDPR and the California Consumer Privacy Act (CCPA or CaCPA) share some similarities. Both provide for consumer-facing privacy notices, data access rights, and data portability. As businesses automate their GDPR compliance processes, they should also leverage those same processes under the CaCPA to save significant time and expense.

Below, we have listed five common operational steps that all businesses should take in their GDPR and CaCPA privacy compliance programs:
Continue Reading California Consumer Privacy Act vs GDPR – How to Maximize Your Privacy Compliance Program

Lock placed on computer keyboard

California Consumer Privacy Act – The Top 5 Things You Need to Know

California Privacy Law, Privacy Law , , ,

On June 28, 2018 Governor Brown signed off on the strictest set of data privacy laws to date in the United States – the California Consumer Privacy Act of 2018 (full text here). Learn more about how it compares to the former ballot initiative here.

The Consumer Privacy Act will give Californians unprecedented rights to know what information businesses collect about them, where that information comes from, and control how that information is shared. It applies to all companies that “do business” in California and that exceed one of the following thresholds:

  • Annual gross revenues of more than 25 million dollars
  • Processes the personal information of 50,000 or more California residents, households or devices annually
  • Receives 50% or more annual revenue from selling the personal information of California residents

According to a recent study by the International Association of Privacy Professionals, this means that over 500,000 US companies will be affected by the Consumer Privacy Act – including small to medium sized businesses.

Given the far-reaching effects of the Consumer Privacy Act, here are the top 5 things businesses should know about this new law:

1. The “Right to Know”: California consumers will have the ability to make a request, once every 12 months, to receive the following information about them:Continue Reading California Consumer Privacy Act – The Top 5 Things You Need to Know

California state flag

California Privacy Update: Tentative Compromise on Consumer Privacy Act

California Privacy Law, Privacy Law , ,

6/28/2018 Update: Governor Brown signed AB-375 into law on the afternoon of June 28, 2018. The law is named the California Consumer Privacy Act of 2018, and will take effect in January 2020. This will give industry and lawmakers some time to regroup and fine tune the regulations under this new act.

In a last-minute attempt to keep the California Consumer Privacy Act initiative off the November ballot, California lawmakers reached a tentative deal with ballot sponsor Alastair Mactaggart on June 21st to push forward a legislative privacy bill. The deal depends on the bill passing both houses and being signed by Governor Brown by June 28th.

The proposed bill, introduced by State Assembly member Ed Chau and state senator Robert Hertzberg, would give California consumers unprecedented rights to know what information businesses collect about them, where that information comes from, and how that information is shared. The bill also gives consumers the power to stop companies from selling their data.

Continue Reading California Privacy Update: Tentative Compromise on Consumer Privacy Act

1 2 3 4 5