Changes in Data Privacy Laws: What Do They Mean for Individuals and Businesses?

Are you worried about data privacy? You’re certainly not alone. This represents a top concern in 2021, especially as users become more aware of the myriad of ways their personal data is handled by the big tech companies they once trusted. After years of putting up with these concerns because they assumed they had no choice, people are beginning to speak up – and change is on the horizon.

A few noteworthy privacy updates have already occurred. While these largely involve the European Union (EU), local legislation promises to bring about greater awareness and enforcement of digital consumer rights. Next up? Federal mandates that could grant ordinary individuals more control over their online experience.

With so many changes in the works for 2021, it’s important to know which are most likely to arrive this year – and how you or your business can best prepare.

Existing Legislation: GDPR and CPRA

Long before the idea of a federal digital privacy law became realistic in the United States, the European Union led the charge with the General Data Protection Regulation (GDPR). While it targets businesses within the EU, this law also addresses data transfer beyond European countries.

Following in the EU’s footsteps, California recently updated the California Consumer Privacy Act (CCPA). Known as the California Privacy Rights Act (CPRA), voters approved this law in 2020 as part of Proposition 24. The new law updates the definition of covered businesses to the point that several enterprises not impacted by the previous CCPA will now need to make significant changes to how they operate online.

What About Federal Legislation?

While the possibility of a federal privacy act largely remains within the realm of speculation, insiders predict that Congress will pass such legislation at some point in 2021. It might not go as far as the GDPR or CPRA, but a long-awaited federal privacy law could feature several of the points of concern that the 116th Congress referenced in numerous proposed bills. These include:

  • The right of individuals to access their personal data.
  • The ability for these individuals to collect and reuse data as they see fit across various digital services.
  • The responsibility of companies to obtain user consent before collecting data.
  • The need for companies to alert users in the event of a data breach.

A federal act could be accompanied by a brand new agency, much as CPRA established the California Privacy Protection Agency (CPPA). At the state level, this has prevented the attorney general from needing to take on a greater volume of consumer privacy cases. Similarly, a federal agency would allow for a more focused approach to privacy matters, with enforcement accompanying education.

What Does This Mean for Today’s Small Businesses?

Entrepreneurs differ in their receptiveness to the latest consumer privacy laws. After all, these can be difficult to understand and implement. Likewise, many business leaders wonder how companies can ensure that they have data privacy when using public clouds. While new laws can provide some guidance, this might not be enough to guarantee compliance or to keep users safe.

At a minimum, businesses should stick to using best practices for safeguarding user data. This means implementing a stringent password protocol that incorporates regular updates and, ideally, multi-factor authentication. Cloud services should be selected with care, as not all providers can currently be depended on to keep data secure. Providers should utilize strong encryption, but this can also be offered at the enterprise’s end to deliver another layer of protection.

Until the federal government enacts privacy-based legislation, experts anticipate that GDPR and CPRA will serve as the baseline for most businesses. Already, international companies have made strong efforts to align with the stringent provisions of GDPR. Similar updates are in the works as many businesses pursue compliance with CPRA and anticipate similar federal legislation.

How NerdsToGo Can Help You Prepare for New Consumer Privacy Regulations

From the latest changes in California to possible consumer privacy updates at the federal level, many organizations will need to adjust how they handle user data. This can be a tall order for small businesses, but it will ultimately improve security and strengthen trust among consumers. Don’t hesitate to seek assistance as you build new safeguards into your approach to obtaining and storing data.

At NerdsToGo, we keep a close eye on evolving privacy laws to ensure we can deliver the detail-oriented guidance that local businesses need. We’re happy to help you implement various measures to provide comprehensive protection against today’s greatest cyber-threats. Our business services include remote monitoring and management, data backup, firewall installation, and more.

In addition to serving the small business community in North Denver, our team at NerdsToGo provides support for individual users. With our help, you can feel confident about keeping your personal data private, even if federal legislation ultimately fails to come about.

Contact us today to learn more about our business and consumer services!