Sandra Jeskie, a partner at Duane Morris, said outside of the [California Consumer Privacy Act], the U.S. still doesn’t have many laws limiting companies’ ability to share user data or outlining requirements for privacy policies. But that is likely to change, she added, as federal legislators debate a national data protection law. Many states are in the process of creating their own legislation.
“People have seen GDPR, they’re now seeing [CCPA], and of course there’s been some very significant, high-profile data breaches of information,” Jeskie said. “Certainly, legislators are much more cognizant of the privacy protections, and I think we’re starting to see a change in the U.S. consumer version of what information should be protected and not. We’re seeing some momentum for a national privacy law.” …
As legislators and consumers grow more aware of potential cyber risks, it’s important for companies to understand what user data they’re collecting, why they’re collecting it and how they’re sharing and storing it, Jeskie said, so they’re able to share that information with users.
She noted privacy policies may change over time as the company launches new products and features. Customers need to be notified when that happens.
Reprinted with permission from The Recorder, © ALM Media Properties LLC. All rights reserved.