The California Consumer Privacy Act (CCPA) is a law that was signed on June 28, 2018, that established and promoted the consumer privacy rights and business obligations concerning the collection and sales of personal information of citizens of California. The CCPA came into effect on January 1st, 2020. Soon after in November 2020, Proposition 24, known as the California Privacy Rights Act of 2020 (CPRA) was introduced which is soon to replace the CCPA Compliance.

Artificial Intelligence (AI) is rapidly becoming ubiquitous in supporting key business decisions, and for many organisations it is critical for their digital transformation and new business models. With organisations quickly driving forward to identify new ways to extract competitive value from their data, the regulators are preparing to step in.

The General Data Protection Regulation is a data privacy law that protects the privacy of people of citizens of the EU and UK. The regulation is designed to protect the rights of individuals and also ensure the privacy of their personal data. The regulation outlines a detailed set of requirements for organizations collecting, storing, and managing personal data.

In 2018, the implementation of the GDPR signalled a seismic shift in how businesses target, collect and store personal data. As individuals entrust businesses with their personal data more than ever before, the GDPR has ensured that the right to privacy for individuals is protected through its regulation. Not since the result of Brexit, and the GDPR ceasing to protect the rights and freedoms of UK Citizens (since 1st Jan 2021), has there been significant changes to the GDPR.

The General Data Protection Regulation (GDPR) is one of the world’s most popular regulations. Though the European Union designed the GDPR to protect European citizens, its compliance transcends European borders, impacting most businesses collecting personal data via their websites - because you can’t control whether a European citizen accesses your website. Third-party vendors often require access to sensitive personal data to deliver their services.

Businesses that incorporate Internet of Things (IoT) into their daily operations have rarely, if ever, had access to so many resources to help improve your customer reach, collect more personal data and reduce your internal operational expenses due to IoT automation. IoT devices are ubiquitous, and as technology advances, so does the invention and use of connected devices within workplaces and our homes.

The General Data Protection Regulation, a GDPR, requires business entities to put appropriate technical and organisational measures in place and implement privacy-compliant procedures and processes. The need to implement the data protection principles is to guard the safety of customers’ default personal data and protect natural persons’ rights. This requirement leads to addressing the guide of data privacy by design and by default.

New state-level data privacy laws just keep coming. By the end of 2023, California will transition to the CPRA, and residents of Virginia, Colorado, Utah, and Connecticut will be covered by more expansive state privacy laws. With 10% of U.S. states covered by data privacy legislation by the end of next year, it’s clear there’s a need for federal legislation as well. I’m pleased to see reports of positive momentum on this topic in Washington.

Whether you’re a compliance expert or a novice, adhering to data privacy laws confuses even the best of companies. One of the key points of confusion is the fact that you can’t possibly comply with current and future laws without knowing what data you collect, where it goes, and how it’s used and retained. It sounds simple, but it is not. In fact, it’s a challenge that applies to nearly every organization today.

In November of 2021, President Joe Biden signed the Infrastructure Investment and Jobs Act (IIJA) which authorizes a plan to invest $1.2 trillion into the nation's infrastructure. This bipartisan infrastructure bill plans to bolster the transportation, energy, water, utility sectors, and state and local governments. An important provision within the IIJA is the allocation of $2 billion towards enhancing the cybersecurity of government organizations.