‘Data Privacy’ A Desideratum in Media and Communication Sector

Posted by samriddhitlg on March 3rd, 2020

In Today’s hyper-connected world, companies find colossal value in collecting, sharing and using data with the rise of the data economy.Companies such as Amazon, Google, and Facebook have built empires on the data economy. However, transparency in how businesses abide by their privacy policies, request consent, and manage the data is vital to build trust and accountability with customers. Many companies have imbedded the importance of privacy through highly publicized privacy fails and nowadays, most western countries have already adopted comprehensive legal protections for personal data.

Whereas most people agree on the importance of data privacy and data protection, the definition of “data privacy” itself is extremely complex. Gartner Predicts 11% of business units have no involvement in setting information security policy.

From lead generation to digital marketing, the media industry has become more sophisticated. The misuse of consumer data has resulted in countless investigations and enforcement actions, thus Governments worldwide have now stepped-up legislative efforts in a big way.

EU’s General Data Protection Regulation

The European Union’s General Data Protection Regulation (GDPR) received virtually all the attention in 2018 in terms of privacy and data security legislation. It is now the primary law regulating how companies protect the personal data of EU residents.

GDPR affects businesses with hefty fines for non-compliance regulation. Covered entities must know the consumer data that it possesses, ensure that proper consent is obtained and vet service providers. GDPR’s impact on data-driven business cannot be denied and it has started changing the media industry globally. Due to the extraterritorial scope of the law, the companies are compelled to comprehend the key component of the GDPR if they collect, retain or use European consumer data.

Developments in the USA for Data Privacy

While the European Union’s GDPR has had the data privacy spotlight for the past year, companies should be paying close attention to what is going on in the United States. To some extent, the increase in domestic data privacy legislative activity is the result of myriad consumer data scandals, consumer advocacy groups’ strong appeal for increased transparency into big data, GDPR and the European Parliament’s criticism of domestic efforts to provide an adequate level of protection for the international transfer of personal data.

Colorado Cybersecurity Law:  The Colorado law covered entities to design and implement reasonable security procedures that are appropriate to the nature of the personal identifying information and the nature and size of the business and its operations.

Covered units are also required to implement dispose of documents containing confidential information properly, vendor management programs, and ensure that confidential information is essentially safeguarded when transferred to third-parties. In terms of data breach incident response plans, Colorado’s new data breach notification timeframe is now the shortest in the US.

Massachusetts Written Information Security Programs: Massachusetts’ data security regulations require every company that owns or licenses “personal information” about Massachusetts residents to develop and maintain the implementation of written information security programs (WISP). The WISP must contain certain minimum physical, administrative and technical safeguards to protect “personal information.”

California’s Consumer Privacy Act of 2018:  The California Consumer Privacy Act of 2018 advocates as a historic step toward greater control for California consumers over their personal data. It is effectual from January 1st, 2020 and has a GDPR-light approach. This will significantly impact the marketing operations of the media business. This act expansively defines “personal information” to include browsing and search history, as well as inferences drawn from certain data. This recently enacted privacy legislation is profoundly impacting the way that the companies operate and Government regulators across the globe expect companies to prioritize consumer privacy and data security, emphasizing that it’s the time for companies to make modifications to data storage and processing protocols.

Source: https://www.theleadersglobe.com/