The Marteq Alert
3.7K views | +0 today
Follow
Your new post is loading...
Scooped by CYDigital/marteq.io
Scoop.it!

Virginia Legislature Is Set to Consider Comprehensive Data Privacy Legislation - JDSupra

Virginia Legislature Is Set to Consider Comprehensive Data Privacy Legislation - JDSupra | The Marteq Alert | Scoop.it
This year, it appears Virginia is poised to seriously consider adoption of a broad consumer data privacy framework.  Senate Bill 1392 , sponsored by Senator David Marsden (D-Fairfax), was introduced on January 13, 2021. House Bill 2307, sponsored by Delegate Cliff Hayes, Jr. (D-Chesapeake), was introduced on January 20, 2021. The bills create the “Consumer Data Protection Act.”

Both bills establish a framework for consumers to more control over their data. Under the bills, consumers are given the right to access their data, correct inaccuracies, request deletion, obtain a copy and the ability to opt out of collection and use of data “for purposes of targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer.” (See proposed 59.1-573).

The bills apply to all persons that conduct business in the Commonwealth and either (i) control or process personal data of at least 100,000 consumers or (ii) derive over 50 percent of gross revenue from the sale of personal data and control or process personal data of at least 25,000 consumers.
CYDigital/marteq.io's insight:

This is the second significant piece of data privacy legislation at the state level (CCPA is the first). Curious as to how this plays out in the Democratically-controlled government (Executive, Senate, House of Delegates).

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

After 20 years of debate, it’s time for Congress to finally pass a baseline privacy law - Brookings

After 20 years of debate, it’s time for Congress to finally pass a baseline privacy law - Brookings | The Marteq Alert | Scoop.it
The world would be very different if Congress had passed Federal Data Privacy legislation in 2000. Despite its shortcomings for the current marketplace, it would have established a basic level of accountability for personal data that is totally lacking today. Consumers and businesses would know the rules, and the FTC could enforce them with appropriate penalties for deterrence. Such a law would also have provided the basis for subsequent amendments (whether by Congress or through FTC rulemaking) to address developments and lessons learned, including the many new business models and technologies that have emerged over the years, the need to advance beyond “notice and choice” as the primary means to protect privacy, and the relationship between consumer data and market power.

Instead, the intervening years have brought us massive data breaches, virtually unlimited data collection online and in our public spaces, huge platforms that know everything about us and dominate the marketplace, and algorithmic predictions that create risk of bias and loss of opportunity. Consumers feel unprotected, and businesses are confused about their obligations. 

The damage wrought by the pandemic—to our health, our lives, and our livelihoods—should be our first priority until we get it under control. But then Congress should turn again to privacy with renewed commitment to find common ground and pass a federal privacy law. Congress is now in a strong position to finally tackle and resolve the most difficult issues always left for “later”– including whether to preempt state privacy laws and permit private rights of action. Compromise and creativity will be essential, with the understanding that the final law must affirm baseline privacy as a core U.S. value, and provide the strong consumer protections and corporate accountability that are missing in the marketplace today.  After over twenty years, it’s time.
CYDigital/marteq.io's insight:

When the Brookings Institution is calling for this, then you know it's just a matter of time before it happens. Start with adhering to everything CCPA/CPRA: you'll be compliant with CA, and you'll be a step ahead of the game.

 

Collect zero party data from your consumers NOW through marteq.io's FREE pilot program. Contact joe@marteq.io to qualify. #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

Top Biden Tech Advisor Is Critic of Internet Firms; Helped Craft California Privacy Law - Insurance Journal

Top Biden Tech Advisor Is Critic of Internet Firms; Helped Craft California Privacy Law - Insurance Journal | The Marteq Alert | Scoop.it
President-elect Joe Biden’s top technology adviser helped craft California’s landmark online privacy law and recently condemned a controversial federal statute that protects internet companies from liability, indicators of how the Biden administration may come down on two key tech policy issues.

Bruce Reed, a former Biden chief of staff who is expected to take a major role in the new administration, helped negotiate with the tech industry and legislators on behalf of backers of a ballot initiative that led to the 2018 California Consumer Privacy Act. Privacy advocates see that law as a possible model for a national law.

Reed also co-authored a chapter in a book published last month denouncing the federal law known as Section 230, which makes it impossible to sue internet companies over the content of user postings. Both Republicans and Democrats have called for reforming or abolishing 230, which critics say has allowed abuse to flourish on social media.
CYDigital/marteq.io's insight:

Well, if you're reading tea leaves, then look at these tea leaves. A CCPA on the federal level? Regardless, Reed's philosophy runs counter to the bill being discussed in the Senate, sponsored by four R's.

 

See how extended zero-party data is your greatest marketing resource...tap into it right now!: http://un.marteq.io/WP1/ #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

New Jersey Introduces Digital Asset and Blockchain Technology Act | Finance Magnates

New Jersey Introduces Digital Asset and Blockchain Technology Act | Finance Magnates | The Marteq Alert | Scoop.it
New Jersey has moved closer to the implementation of a state-level regulatory framework for firms involved in cryptocurrency services. The new Senate bill was introduced on Thursday.

The newly presented Senate bill (3132) proposes to regulate cryptocurrency service providers under the New Jersey Department of Banking and Insurance. 

The recent bill shows that New Jersey is moving one step forward to embracing a similar regulatory structure implemented by neighboring New York, known as BitLicense. The New York State Department of Financial Services (NYSDFS) designed a licensing framework for businesses involved in digital currencies. BitLicense came into effect in 2015, and now several crypto firms are regulated under the framework. The presence of a newly introduced bill by New Jersey in both houses appears to be a strong indication that crypto licensing is being taken seriously at all levels.
CYDigital/marteq.io's insight:

NJ has to make this move, given that whatever happens in NY happens in NJ, and vice versa.

 

See how extended zero-party data is your greatest marketing resource...tap into it right now!: http://un.marteq.io/WP1/ #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

Predictions 2021: Privacy Becomes An Imperative In A Year Of Transition - Forbes

Predictions 2021: Privacy Becomes An Imperative In A Year Of Transition - Forbes | The Marteq Alert | Scoop.it
Three privacy-related trends will underpin this transition: 1) an ever-increasing appetite to collect, process, and share sensitive personal data from consumers and employees; 2) despite the recessionary economy, values-based consumers will increasingly prefer to engage with and entrust their data to ethical businesses; and 3) regulatory and compliance complexity in relation to data privacy will increase further.

Against this scenario, for 2021, Forrester predicts that:

Regulatory and legal activity related to employee privacy will increase 100%. 
One in four CMOs will invest more in technology to collect zero-party data. 
CCPA 2.0 will pass and spur the introduction of federal privacy legislation in the US. 
CYDigital/marteq.io's insight:

We've been telling anyone that would listen that this is around the corner. It's happening right now, under our noses. You're going to need to embrace ZPD and data privacy: do it in one action (us).

 

See how extended zero-party data is your greatest marketing resource...tap into it right now!: http://un.marteq.io/WP1/ #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

What Tech Companies Need to Know About the SAFE DATA Act - Security Boulevard

What Tech Companies Need to Know About the SAFE DATA Act - Security Boulevard | The Marteq Alert | Scoop.it
This law would expand what’s considered sensitive data and include enacting data security standards to accompany data privacy standards. It would create rights to transparency, access, deletion, correction, and portability and require opt-in consent to process or transfer “sensitive covered data.” Under this law, businesses would need to name privacy and data security officers within their firms and meet “reasonable” and “appropriate” data security requirements. 

It’s important to note a couple of additions to the new SAFE DATA Act bill. This bill introduces an algorithmic ranking system to determine how content can be presented to consumers. It also establishes regulations for the “manipulation of user interfaces”, which prevents deceptive UIs from coercing customers into giving up personal data. 

The SAFE DATA Act would be enforced by the FTC and state attorney’s general, take precedence over state privacy laws, such as CCPA, and would not include a private right of action. These last two are partisan contention points, differing drastically from Democrat Maria Cantwell’s competing bill of the previous year. 

The SAFE DATA Act has drawn criticism for a perceived weakness: It collects data on a notice-and-consent basis. Many feel it lacks bite because companies can collect whatever data they want, providing it’s disclosed in their privacy policy—the one most people never read.
CYDigital/marteq.io's insight:

If the Senate flips, this bill will not happen. If the presidency flips, this bill will not happen. Why on both? It just doesn't protect the consumer.

 

See how extended zero-party data is your greatest marketing resource...and you can tap into it right now!: http://un.marteq.io/WP1/ #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

Microsoft: The US has fallen far behind the rest of the world in privacy protection

Microsoft: The US has fallen far behind the rest of the world in privacy protection | The Marteq Alert | Scoop.it
Microsoft recently highlighted that the US has fallen far behind the rest of the world in privacy protection. Microsoft specifically mentioned that the US lacks a strong national privacy law. Two years ago, the EU adopted GPDR to improve data privacy situation in their region. Since then, many countries including Brazil, India, Japan, Kenya, South Africa, South Korea and Thailand, have adopted, revised or proposed new frameworks for privacy protection. Microsoft pointed out that over 130 countries and jurisdictions have enacted privacy laws. Unfortunately, the US is missing in the list.

CYDigital/marteq.io's insight:

On the other hand, CA's CCPA and the follow-on CPRA brings the state up to the same level as the EU's GDPR. And companies need to adhere to these new regulatory standards not just for CA, but for the rest of the Union.

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

Federal Privacy Law Efforts Move Forward in Congress | Wiley Rein LLP - JDSupra

Federal Privacy Law Efforts Move Forward in Congress | Wiley Rein LLP - JDSupra | The Marteq Alert | Scoop.it
As fall has arrived, so has a flurry of privacy activity on Capitol Hill.  Though this Congress is highly unlikely to pass any privacy legislation before the end of the Term, the latest developments reflect efforts by key Senators to find areas of agreement and establish the framework for federal privacy legislation to be considered in the next Congress.  Notably, the Chairman of the Senate Commerce Committee and other key Republican Senators released a final version of a draft privacy bill that would significantly transform privacy law nationwide, while also taking aim at use of online algorithms.  While Senate Democrats have offered proposals that would go further, the Senate Commerce Committee held a hearing on Wednesday that was aimed at attempting to find common ground for legislation, including by hearing testimony from a bipartisan group of former Federal Trade Commissioners—including three former Chairs—who were broadly supportive of the proposed legislation.  Important differences remain, but given the repeated calls for a federal privacy law from a diverse group of stakeholders and the pressure for a federal solution in light of individual state privacy efforts, companies should pay close attention to federal proposals that increasingly appear to mark a baseline for a federal privacy law. 
CYDigital/marteq.io's insight:

It's a very fair assumption that this bill will never see the light of day, and should the Senate switch over to Blue control, the Dems bill may never see the light of day. Recommendation: focus on what CA is doing, and act accordingly.

 

Get the new whitepaper "Discover New Revenue Opportunities Using Extended Zero-Party Data": http://un.marteq.io/WP1/ #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

Consumer Reports Study Shows California's Privacy Law Is A Poorly-Enforced Mess | Techdirt

Consumer Reports Study Shows California's Privacy Law Is A Poorly-Enforced Mess | Techdirt | The Marteq Alert | Scoop.it
A new report by Consumer Reports found the bill (surprise!) isn't really succeeding at its primary goal: clearly informing consumers what's going on in terms of access to their data, and making it easier to opt out of data collection and sale. This most basic provision also isn't being meaningfully enforced in any substantive way. The organization spent much of May testing numerous websites and found that actually trying to opt out of data collection and sales was either impossible, or very difficult to confirm with the companies in question:

Consumers struggled to locate the required links to opt out of the sale of their information. For 42.5% of sites tested, at least one of three testers was unable to find a DNS link. All three volunteers failed to find a “Do Not Sell” link on 12.6% of sites, and in several other cases one or two of three testers were unable to locate a link.
At least 14% of the time, burdensome or broken DNS processes prevented consumers from exercising their rights under the CCPA.
Consumers often didn’t know if their opt-out request was successful. Neither the CCPA nor the CCPA rules require companies to notify consumers when their request has been honored. As a result, about 46% of the time, consumers were left waiting or unsure about the status of their request. About 52% of the time, the tester was “somewhat dissatisfied” or “very dissatisfied” with opt-out processes.
CYDigital/marteq.io's insight:

This should not be a surprise, and is one of the driving reasons behind the forthcoming CPRA, where CA will have the resources to reinforce the law (vs. barely anything today).

 

Get the new whitepaper "Discover New Revenue Opportunities Using Extended Zero-Party Data": http://un.marteq.io/WP1/ #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

Big Tech Is Quiet in Data Privacy Initiative Fight - TechWire

Proposition 24 on the November ballot is pitched as an expansion of California’s already robust consumer data privacy law, an iron cuff on the claws of companies that profit handsomely from tracking and selling your online search, travel and purchase habits to marketers.

But the technology giants seemingly square in its sights — the likes of Facebook, Amazon and Google — haven’t shown up to the battlefield. Instead, those opposing the new California Privacy Rights Act are some of the same types of consumer, labor and civil rights advocates who support its predecessor.

“Proposition 24 is a wolf in sheep’s clothing,” said Richard Holober, president of the Consumer Federation of California and a leader of the "No on 24" effort. “It’s loaded with giveaways to tech companies.”

Big tech companies are standing down on Proposition 24 — data privacy is popular, fighting it is a bad look, and they're already abiding by similar rules in Europe. But criticism from those who would seem natural allies is “pretty disappointing.”
CYDigital/marteq.io's insight:

For us marketer, as we need to know is this: assume it's going to happen, and plan accordingly.

 

Get the new whitepaper "Discover New Revenue Opportunities Using Extended Zero-Party Data": http://un.marteq.io/WP1/ #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

EDPB Publishes Draft Guidelines on the Targeting of Social Media Users - Inside Privacy

On 7 September 2020, the European Data Protection Board (“EDPB”) adopted draft guidelines on the targeting of social media users (the “Guidelines”).  The Guidelines aim to clarify the roles and responsibilities of social media providers and “targeters” with regard to the processing of personal data for the purposes of targeting social media users.

Targeting services allow natural or legal persons (i.e., targeters) to communicate specific messages to the users of social media in order to advance commercial, political or other interests.  The Guidelines state that the mechanisms social media providers can use to target users, as well as the underlying processing activities, may pose significant risks to users, including loss of control over their personal data, discrimination and exclusion as a result of targeting on the basis of special categories of personal data, and manipulation through misinformation.  The Guidelines also raise specific concerns in relation to children.
CYDigital/marteq.io's insight:

This too will impact marketers, and just a matter of time before CA implements similar legislation.

 

Get the new whitepaper "Discover New Revenue Opportunities Using Extended Zero-Party Data": http://un.marteq.io/WP1/ #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

Treat CPRA As If It Will Pass - Dev Pro Journal

Treat CPRA As If It Will Pass - Dev Pro Journal | The Marteq Alert | Scoop.it
The European Union’s General Data Protection Regulation (GDPR), implemented in 2018, set the bar for data protection worldwide. This November’s proposed California Privacy Rights Act (CPRA) closely mirrors the GDPR’s approach with three mainline items not included in the existing California Consumer Privacy Act (CCPA). These additions elevate the privacy protections of California residents.

“Whether your business is in California or not, the first step is to determine whether or not you need to be compliant. This requires leaders to know what type of data they are managing and whether there are any California citizens within their data sets,” says Shawn Rogers, VP of Corporate Marketing at TIBCO, a provider of big data and software integrations.

Privacy and data protection matter to consumers. In a 2019 California Privacy survey, 88 percent of residents backed the CCPA, and many supported more federal oversight on privacy laws. In addition, privacy and data protection directly correlates with the purchasing patterns of Americans.
CYDigital/marteq.io's insight:

Damn right! Configure now so that you are prepared. Consider that the CPRA is akin to GDPR, and if you step one toe into the CA market, you must be compliant.

 

Get the new whitepaper "Discover New Revenue Opportunities Using Extended Zero-Party Data": http://un.marteq.io/WP1/ #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

Gartner Projects Major Jump in Data Privacy Regulations; From 10% of the World Covered in 2020 to 65% in 2023 - CPO Magazine

Gartner Projects Major Jump in Data Privacy Regulations; From 10% of the World Covered in 2020 to 65% in 2023 - CPO Magazine | The Marteq Alert | Scoop.it
Global research firm Gartner recently conducted its annual Security & Risk Management Summit, and perhaps the biggest headline to come out of it was the projection that the majority of the world will be covered by data privacy regulations by 2023.

This would be a very substantial jump in a relatively short period of time. At present, only about 10% of the world has strong privacy regulations akin to the EU General Data Protection Regulation (GDPR). Gartner believes that the GDPR will be the specific model upon which most of these new privacy regulations are based.

The EU standards essentially require other countries to implement privacy regulations that are on par with the terms of the GDPR. The recent Privacy Shield issue that has been playing out between the EU and US has been illustrative of this; EU court rulings have determined that the US is essentially going to have to pass its own federal-level data privacy regulations before EU personal data can once again be sent there.
CYDigital/marteq.io's insight:

This is a direct shot across the marketer's bow. Heed it. But see it as an opportunity to differentiate yourself. Contact me so that I can show you how.

 

Get the new whitepaper "Discover New Revenue Opportunities Using Extended Zero-Party Data": http://un.marteq.io/WP1/ #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

The California Consumer Privacy Act Business-to-Business and Human Resources Data Limited Exemptions Extended One More Year | Knobbe Martens - JDSupra

The California Consumer Privacy Act Business-to-Business and Human Resources Data Limited Exemptions Extended One More Year | Knobbe Martens - JDSupra | The Marteq Alert | Scoop.it
The California Legislature has delayed its plans to expand the scope of the California Consumer Privacy Act (“CCPA”) and make all of its provisions apply to personal information related to business-to-business communications and transactions and human resources data. When the CCPA went into effect on January 1, 2020, business-to-business and human resources data were subject to limited exemptions that were set to expire on December 31, 2020. As you can imagine, because nearly all businesses subject to the CCPA could (and likely did) take advantage of these exemptions, there was concern regarding whether the exemptions would phase-out end of the year or become permanent law.

Businesses have finally received an answer and can now take a sigh of relief. On August 31, 2020, the California Legislature passed Assembly Bill 1281, which extends these exemptions to December 31, 2021. This announcement was much needed relief, and provided some economic certainty during these financially trying times. Passage of Assembly Bill 1281 also means that the California Legislature will likely not pass comprehensive data privacy laws related to human resources data, as some privacy professionals anticipated would occur in 2020.
CYDigital/marteq.io's insight:

A bit of a reprieve for the B2B marketer, so please don't waste the opportunity to pull things together.

 

Get the new whitepaper "Discover New Revenue Opportunities Using Extended Zero-Party Data": http://un.marteq.io/WP1/ #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

CPRA Pushes "Privacy by Design" Shift for Software Developers - Dev Pro Journal

CPRA Pushes "Privacy by Design" Shift for Software Developers - Dev Pro Journal | The Marteq Alert | Scoop.it
The California Privacy Rights Act (CPRA) is on the ballot this November, and if it passes will expand the privacy rights within the existing California Consumer Privacy Act (CCPA).  The new law builds on the principles of data minimization, greater consumer control of personal data, and increased transparency on data retention and potential uses. It could have unforeseen implications for many companies who think their data is secure, and new opportunities for software developers and ISVs moving to “privacy by design” software development.

Compliance with the CPRA guidelines will require operational and system upgrades in data capture, storage, governance and security for all three domains. The main technologies needs are around:
Data mapping and cataloging. Personal data must be tracked across an organization’s entire IT landscape. 
Data minimization. A major component of the CPRA and similar privacy laws is the belief that organizations should only collect the bare minimum of data required to complete an interaction or transaction.
Data anonymity. In any instance when data is not critical to the function of the application, it should be anonymized in order to reduce the risk of data breaches.
Data access requests. Gartner estimates that every data access request costs about $1,400 when processed manually. Organizations will look for solutions that manage data access and sharing securely and efficiently.
CYDigital/marteq.io's insight:

The forthcoming CPRA will turn data collection completely upside down, especially for marketers. The sooner you give data ownership to the consumer, the better your relationship with the consumer and your ability to adjust to the CPRA.

 

Get the new whitepaper "Discover New Revenue Opportunities Using Extended Zero-Party Data": http://un.marteq.io/WP1/ #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

How U.S. tech policy could change if Democrats win back the Senate - VentureBeat

How U.S. tech policy could change if Democrats win back the Senate - VentureBeat | The Marteq Alert | Scoop.it
The United States still lacks personal data privacy laws that would set ground rules for the way private companies treat data collected about individual consumers. General Data Protection Regulation (GDPR) in the European Union and the California Consumer Privacy Act (CCPA) in California are major steps toward strengthening such privacy protections.

Malkia Devich-Cyril, founder of Media Justice, says comprehensive data privacy reform is one type of legislation with a lot of bills on the table to draw inspiration from. The two most prominent in recent memory are the Consumer Online Privacy Rights Act (COPRA) and the Consumer Data Privacy Act (CDPA). The bills, put forward by Democrats and Republicans, respectively, protect privacy rights for individuals and grant more resources for Federal Trade Commission (FTC) regulators. A major difference between the two is that COPRA enshrines the private right of action, or the ability to sue an individual company like Facebook or Google when data privacy rights are violated on their platforms.
CYDigital/marteq.io's insight:

It'll get watered-down at the federal level, so the best bet is to align policies and procedures with the forthcoming CPRA.

 

Get the new whitepaper "Discover New Revenue Opportunities Using Extended Zero-Party Data": http://un.marteq.io/WP1/ #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

SAFE DATA Act Joins Crowded Field of Privacy Bills - Decipher

SAFE DATA Act Joins Crowded Field of Privacy Bills - Decipher | The Marteq Alert | Scoop.it
Four Republican senators have introduced a new privacy bill that is aimed at limiting corporate use of consumer data, but it is based on the outmoded idea of notice-and-consent and also would prevent states from passing their own privacy or data security laws.

The bill is the latest in what has become a deluge of privacy legislation in the current Congress, many of which share common traits and basic principles. Like many of the existing bills, the SAFE DATA Act introduced last week gives individuals the opportunity to see, correct, or delete data collected on them by companies and prohibits companies from refusing to provide goods or services to people who don’t agree to their privacy policies. However, the bill employs notice-and-consent as the basis for data collection, a notion that is considered ineffective for actually informing people about what data a provider is collecting and what options they have as a result. Few people take the time to read privacy policies and even if they do, the language is very difficult to decipher. 

While many of the provisions in the new bill are similar to those in existing bills, the SAFE DATA Act also includes a section that explicitly prohibits state legislatures from passing new privacy or data security laws, or from enforcing existing laws. The clause does not apply to state data-breach notification laws, however.
CYDigital/marteq.io's insight:

Won't happen, as there is a clear infringement on state's rights. But watch this space, especially if the Senate does not shift to the Dems.

 

Get the new whitepaper "Discover New Revenue Opportunities Using Extended Zero-Party Data": http://un.marteq.io/WP1/ #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

What CCPA-affected businesses need to know about California’s next privacy initiative | ComplianceWeek

What CCPA-affected businesses need to know about California’s next privacy initiative | ComplianceWeek | The Marteq Alert | Scoop.it
Businesses with operations in California should expect their data privacy compliance obligations to get a lot more complicated next year. That’s because voters may choose to replace the California Consumer Privacy Act (CCPA)—the country’s only currently enacted data privacy law, which took effect Jan. 1—with the California Privacy Rights Act (CPRA). The Nov. 3 California state ballot asks voters to approve Proposition 24 and enact the CPRA. The law would expand the definition of sensitive personal information and add a host of new data collection, use, and storage compliance requirements for businesses, many of which are still struggling to comply with the CCPA.

In addition, Proposition 24 proposes to take regulation and enforcement of the CCPA away from the California Attorney General’s Office and place those functions in the hands of a new independent entity, the California Privacy Protection Agency (PPA).

While the CPRA would take effect Jan. 1, 2023, the new agency could begin work as soon as July 1, 2021, supported with $10 million a year in state funds. And that new agency would enforce the CCPA until the CPRA takes effect.
CYDigital/marteq.io's insight:

Consider CPRA, which will pass, to be as onerous as the GDPR. And with $10M budget, it will be enforceable via a staff of attorneys. NOTE: the new agency could start up next year, enforcing CCPA (which does not have a budget to ensure enforcement). You've been warned.

 

Get the new whitepaper "Discover New Revenue Opportunities Using Extended Zero-Party Data": http://un.marteq.io/WP1/ #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

Two New Guidelines by the EDPB: Targeting of Social Media Users and the Concepts of Controllers and Processors - Lexology

Two New Guidelines by the EDPB: Targeting of Social Media Users and the Concepts of Controllers and Processors - Lexology | The Marteq Alert | Scoop.it
The new guidelines on targeting of social media analyses the various actors which are involved in targeting, which are divided to four categories: social media providers, social media users, targeters and other actors, such as data brokers and ad exchanges, which may be involved in the targeting process.

The main purpose of the guidelines is to clarify the roles and responsibilities of the social media providers and the targeters. In many cases both parties would be defined as joint controllers. The importance of correctly identifying these roles and responsibilities has been emphasized in judgements of the European Union's Court of Justice.

Three different mechanisms of targeting are addressed by the guidelines. The first is targeting on the basis of data provided by the user. The second mechanism is targeting based on the basis of observed data, which includes data that is provided by the user through the use of a service or device, or data that is collected by third parties. This category includes the use of technical measures such as pixels. The third mechanism is targeting based on inferred data. Profiling is typically involved in this mechanism, and assessment of automated decision making must be conducted to define whether it leads to legal or similarly significant effects.
CYDigital/marteq.io's insight:

GDPR constantly evolving. Note what's happening, and you have to assume the same will occur stateside.

 

Join the marteq.io white list to receive pre-launch benefits: https://un.marteq.io/wl1/ #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

Proposition to Harden California Privacy Law Will Be on Ballot - GovTech

Proposition to Harden California Privacy Law Will Be on Ballot - GovTech | The Marteq Alert | Scoop.it
The California Consumer Privacy Act is a landmark. It gives Californians greater privacy protection than consumers anywhere this side of Europe.

But it's imperfect and vulnerable to gutting by business interests working their magic in the state Legislature. So Alastair Mactaggart, the wealthy real estate investor behind the privacy law, has put up a ballot initiative to strengthen the law and inoculate it from the mischief of business lobbies.

It will appear on the November ballot as Proposition 24. MacTaggart has funded the pro-24 campaign with about $5 million of his own funds so far. Business interests so far have kept a low profile on Proposition 24, but signs have emerged that they may already be sharpening their knives against it.
CYDigital/marteq.io's insight:

Possibly more changes afoot. It's a constantly moving target, and nothing has been shown to be anything but a constantly changing environment. Multiply this by 50 states, and it's damn near impossible...unless you turn the tables and give the consumer ownership over their own data.

 

Join the marteq.io white list to receive pre-launch benefits: https://un.marteq.io/wl1/ #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

Bill Text - AB-2150 Corporate securities: limited exemption: study 

Existing law, the Corporate Securities Law of 1968, provides for the regulation of the issuance of corporate securities, requires the qualification of an offer or sale of securities, and provides for exemptions from qualification with the Commissioner of Business Oversight. Existing law defines a “security” to mean a note, stock, and, among other things, an investment contract. For the purposes of authorizing specified items that may be included in articles of incorporation, with regard to the keeping of certain records by a corporation that does not have outstanding securities listed on specified stock exchanges, existing law defines “blockchain technology” to mean a mathematically secured, chronological, and decentralized consensus ledger or database.


"This bill would require the Department of Business Oversight to conduct a study to determine the feasibility of enacting in California a measure equivalent to the Proposed Securities Act Rule 195–Time-Limited Exemption for Tokens, as specified, and to report its findings to the Legislature. The bill would require the study to evaluate certain subjects, including the potential benefits and costs of the exemption to the state. The bill would require the department to present the report to the Legislature on or before January 1, 2022, would prescribe certain subjects that report is to include, and would specify the method of its delivery."

CYDigital/marteq.io's insight:

CA's AB-2150, originally a bill to legislate the treatment of digital assets and when they would not be considered a security, is now scaled back to a study of the same. It's another step towards embracing digital currencies.

 

Follow us on LinkedIn and qualify to use the Marteq platform at no charge! https://www.linkedin.com/company/marteq-io #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

Virginia Legislative Commission Set to Begin Look at Data Protection, Privacy - Lexology

Virginia Legislative Commission Set to Begin Look at Data Protection, Privacy - Lexology | The Marteq Alert | Scoop.it
The Data Protection and Privacy Advisory Committee is chaired by Delegate Hala Ayala (D) who is in her second term as a member of the House of Delegates and in her professional life is a cybersecurity specialist. She is a new member on JCOTS and is a recently announced candidate for the Democratic nomination for Lt. Governor in the 2021 election. The committee is expected to discuss the following bills from the 2020 legislative session:

HB473(Delegate Sickles): Personal data; Virginia Privacy Act. Gives consumers the right to access their data and determine if it has been sold to a data broker. The measure requires a controller (defined in the bill as a person that, alone or jointly with others, determines the purposes and means of the processing of personal data) to facilitate requests to exercise consumer rights regarding access, correction, deletion, restriction of processing, data portability, objection, and profiling. The measure applies to any legal entity that conducts business in the Commonwealth or produces products or services that are intentionally targeted to residents of the Commonwealth and that (a) controls or processes personal data of not fewer than 100,000 consumers or (b) derives over 50 percent of gross revenue from the sale of personal data and processes or controls personal data of not fewer than 25,000 customers.
CYDigital/marteq.io's insight:

We've been engaged with Commonwealth Delegates, and we believe that this is the first step towards a CCPA for Virginia, ultimately leading to a data dividends-like program.

 

Follow us on LinkedIn and qualify to use the Marteq platform at no charge! https://www.linkedin.com/company/marteq-io #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

How organizations should now think about data protection - Lexology

How organizations should now think about data protection - Lexology | The Marteq Alert | Scoop.it
On 16 July 2020, the European Court of Justice (CJEU) invalidated the European Union (EU)-US Privacy Shield Decision, while upholding the validity of the Standard Contractual Clauses Decision (SCC Decision), and therefore the use of standard contractual clauses in order to transfer personal data to third countries.

We recommend a number of immediate steps for such organizations to take, including:

Re-examine data strategy, including any reliance on third parties
Update data mapping to ensure accurate data flow and volumes are based on current operating models
Consider whether the “Standard Contract Clauses” (SCCs) may be incorporated into current data transfer arrangements, acknowledging that the EU’s SCCs are due to be updated in the next couple of months
Consider the organizations’ risk tolerance for the uncertainty caused by the Privacy Shield Decision, including evaluating strategic options such as the process of establishing Binding Corporate Rules (BCRs) covering global data transfers within entities
Continue to monitor EU responses to the CJEU’s decision, including whether or not to grant a "grace period" for organizations previously relying on Privacy Shield
CYDigital/marteq.io's insight:

Rethink your approach to data privacy. Staying the current course will keep you on the path of continual change, adaptation, and with it, continued costs.

 

marteq.io is the peak of personalization, based on the consumer's full digital story. Learn more: https://www.marteq.io #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

Dangers of unfettered access to personally identifiable information - The Hill

Dangers of unfettered access to personally identifiable information - The Hill | The Marteq Alert | Scoop.it
In early 2019, members of Congress began to draft agreements on addressing privacy protections and PII, which included a Consumer Data Protection Act and Data Care Act. California also moved to strengthen privacy measures; two years ago it passed the California Consumer Privacy Act of 2018. CCPA gives consumers more control over the personal information that businesses collect about them. 

CYDigital/marteq.io's insight:

It's coming, and it's needed. And once in place, the marketer's job becomes far harder.

 

marteq.io is the peak of personalization, based on the consumer's full digital story. Learn more: https://www.marteq.io #martech #marketing

No comment yet.
Scooped by CYDigital/marteq.io
Scoop.it!

You Read the Privacy Policy, Right? Sure You Did. A New Federal Bill Seeks to Address the Transparency Gap. - Lexology

You Read the Privacy Policy, Right? Sure You Did. A New Federal Bill Seeks to Address the Transparency Gap. - Lexology | The Marteq Alert | Scoop.it
Only 22% of Americans report “often” or “always” reading online privacy policies, and that’s solely for websites which require browsers to affirmatively agree to a privacy policy (i.e., flashing a pop-up with some form of “check the box” affirmation). This does not engender much confidence that Americans are actively seeking out and consenting to the privacy policies embedded within the myriad of websites they visit on a daily basis. And who can blame them – a 2008 study estimated it would take 244 hours each year to read every privacy policy in full for all the websites an average web browser visited annually. 

So note the structural framework of U.S. Sen. Sherrod Brown’s (D-Ohio) Data Accountability and Transparency Act of 2020 (DATA 2020): rather than maintaining the permissive data privacy legal framework which allows data processors to manage consumer personal data largely as they see fit, so long as they disclose their intentions in a lengthy privacy policy (which, as we’ve established, the vast majority of their consumers will never actually read), Sen. Brown instead suggests a restrictive legal framework that will dictate, by statute, when and how data processors may use consumer’s personal data, and to what extent.
CYDigital/marteq.io's insight:

B2C companies need to get way ahead of data privacy restrictions, and not play to the existing parameters. Rather, you need anticipate the most restrictive data privacy environment possible, and determine how to work within this forecast. One such solution: give your consumers control over their own data, and ask permission to access it in exchange for a reward. Studies show this approach works.

 

marteq.io is the peak of personalization, based on the consumer's full digital story. Learn more: https://www.marteq.io #martech #marketing

No comment yet.