Data Privacy Day occurs annually on January 28. Launched in the U.S. and Canada in 2008 by the National Cybersecurity Alliance, the Data Privacy Day campaign raises awareness about internet safety and data privacy concerns.
A survey conducted in 2018 by the Pew Research Center found 79% of Americans are “not too or not at all” confident that a company will admit to having made a mistake or accept responsibility for the implications of compromised personal data. (See “Americans and Privacy: Concerned, Confused and Feeling Lack of Control Over Their Personal Information”). Even more concerning, 70% of respondents believed their data was less secure than it had been five years earlier.
This year, on the heels of one of the largest cyberbreaches in history, and amidst constantly evolving international laws and regulations, data privacy and protection has never been more critical to a company’s risk management strategy. As consumers begin to understand the consequences of sharing data, companies need to adapt. Businesses - right now - need to prepare for a multitude of privacy concerns, including compliance requirements, risk assessments, and rising distrust among consumers. It will be a delicate balance; the basic needs of a company - functioning, innovating, maintaining revenues – will co-exist with a heightened need for data privacy and protection. By preparing ahead, knowing the risks, and following a plan, companies can add value and build trust.
Simply put, data privacy is good for business.
When addressing data privacy and protection within any organization, consider the following three principles: compliance and risk mitigation; best practices; and brand management.
1. Avoid potentially costly mistakes by complying with national and international data protection laws.
Data privacy protection is stronger than it has ever been. Landmark legislation passed in the last five years reflects the growing concern for protecting personal data. In 2018, the European Union enacted the General Data Protection Regulation (“GDPR”) to govern how companies handle personal data for EU citizens. While the U.S. lacks comprehensive federal law that protects privacy, some states are breaking new ground. California passed a significant law that took effect in 2020 called the California Consumer Privacy Act (“CCPA”). As the most comprehensive data privacy legislation in the U.S, the CCPA has set the groundwork for the rest of the country to enact more stringent regulations and stronger safeguards against data privacy issues.
With the onslaught of privacy regulations comes the need to comply with them. Failure to do so raises the possibility of large fines and other penalties, especially under the GDPR. Non-compliance also risks business relationships and consumer trust. It’s important to know and understand the law so that you can comply with it. As the obligation to protect privacy continues and evolves, companies must educate themselves and act within the bounds of applicable data privacy laws.
2. Exercising best practices will limit your legal liability and build trust with consumers.
Data privacy affects all companies, regardless of size. Entrepreneurs making their first forays into business and Fortune 500 companies alike are tasked with safeguarding their customers’ information. To that end, certain best practices will minimize data privacy risks, including the following action items.
- Be minimalist. Only collect needed data and store it only if needed for future use.
- Be transparent. Make sure your privacy policy is easily accessed by the public. Make sure it’s up to date. When there has been an exposure or breach, remediate the issue as soon as possible and alert the affected parties.
- Be secure. Restrict data access to only those who truly need it. Make sure data is secure when stored, but also when it is transferred from one system to another.
- Be proactive. Conduct privacy audits. Revisit your operating procedures often. Are you launching a new product? Using a new third-party provider? Branching out into new territories or countries? All of these changes may require alterations to your data privacy procedures.
3. Gain a competitive edge through data privacy.
Companies improve brand value and goodwill by protecting data, and communicating with consumers regarding such protection. A company that emphasizes and prioritizes data privacy protection will attract the increasing number of consumers who are concerned about safeguarding their personal information, particularly in technical fields. In addition to building a reputation for caring about consumers’ privacy, follow through is also paramount, Transparency and consistency in data privacy protection is the key to winning consumer trust.
As fear of compromised personal data grows, consumers will alter online behavior. Companies can proactively manage this in many ways, but the most important principle remains: safeguarding a consumer’s data will, in turn, protect the company itself. Moreover, demonstrating a commitment to privacy can build customer loyalty and offer significant advantages over competitors.
- Senior Attorney
Carey Kulp, CIPP/US, helps clients protect one of their most valuable assets: their brands.
Drawing on more than 10 years’ experience in intellectual property law, Carey counsels her clients on strategies to identify and develop ...
Subscribe
Recent Posts
- Artificial Ingenuity: Is Generative AI the New 'Person of Ordinary Skill' in Patent Law?
- The Expiration of the After Final Consideration Pilot Program 2.0 (AFCP 2.0)
- Patently Unclear: Why Result-Oriented Claims Don’t Make the Cut Under 35 U.S.C. § 101
- Make Your Invention The Priority, What Track-1 Can Do For You!
- Navigating Final Rejections in Patent Prosecution: AFCP 2.0 vs. 37 CFR § 1.116
- A Clear POV on Patent Eligibility Under 35 U.S.C. 101: Contour’s Claims Zoom Back Into Focus in Contour v. GoPro
- Understanding the Recent Federal Circuit Decision in Broadband iTV, Inc. v. Amazon.com, Inc. on Patent Ineligibility
- Federal Circuit Clarifies Obviousness-Type Double Patenting in Allergan v. MSN Laboratories: The Impact of Patent Term Adjustments on First-Filed Patents
- The Risks and Rewards of Using Open Source Software
- Don't Let Your Trade Secrets Walk Out the Door With Your Employees: Patent Them!
Archives
- November 2024
- September 2024
- August 2024
- June 2024
- May 2024
- April 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- October 2022
- August 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- November 2019
- October 2019
- September 2019
- June 2019
- April 2019
- February 2019
- January 2019
- October 2018
- July 2018
- June 2018
- May 2018
- April 2018
- March 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- August 2017
- July 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017