No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Data Privacy

Privacy Law Discussions: Who’s Leading The Way?

by Matt Dumiak
November 27, 2018
in Data Privacy, Featured
fingerprint scan

State vs. National Privacy Law Legislation

Several states have implemented privacy legislation – many similar to the GDPR regulations signed into law in May, but tech giants are also weighing in on the conversation. CompliancePoint’s Matt Dumiak discusses the differences between data privacy laws at the state and the federal level.

Businesses and consumers continue to discuss privacy regulations and legislation. Data breaches, data vulnerabilities and compromised private information is released in the news almost daily. Legislation has recently been proposed for individual states regarding data privacy regulations head-on. Virginia, Vermont, Colorado and New Jersey have all introduced related privacy regulations most recently. California recently set themselves apart in the privacy space with the adoption of the California Consumer Privacy Act (CCPA), which gave citizens the rights to not only protect their own data, but to obligate businesses to disclose exactly which information has been collected about them.

At the federal level, the United States has yet to propose a national privacy bill. Vermont recently implemented a law regulating data broker companies that buy and sell personal information. With the new law, brokers must disclose what information they collect as well as allow customers to opt out of collection. Furthermore, consumers can sue data brokers if they sell any information that causes illegal discrimination. A similar law has also been proposed in Colorado that is broader, yet specifically manages personal identifying information. Individual states seem to be leading the way for data privacy regulation discussions.

International regulations have also played a significant role in the privacy discussion, specifically following enforcement of the General Data Privacy Regulation (GDPR) in the European Union EU.

These regulations have certainly contributed to the movement toward consumerism and prompted businesses in the United States to rethink data collection and management, considering how violating these regulations could adversely affect their business and brand. Many organizations are asking themselves “am I liable and governed by the legislation in the EU?” For many, the answer is yes. More specifically, any website that offers goods or services to EU natural persons is subject to the GDPR. The discussion has further prompted organizations to question whether or not they are governed by similar laws in the United States.

Since the introduction of the CCPA, several senators have proposed policy options for national legislation on data security and privacy. Proposed bills have had a GDPR-like flavor that is similar in scope to the international regulation. If the U.S. were to adopt similar regulatory standards, business processes and products that handle personal data would need to be built to include data protection by design and default.

Regardless of business size, the magnitude of data collected, shared or mismanaged is more concerning considering the sensitivity of the private information everyday people entrust these organizations to protect. As the conversation around regulation increases, there has been much talk about what a national privacy law might look like, and furthermore, how state regulations would affect organizations doing business across the U.S.

At the forefront of privacy law related issues are very visible and widely used big technology companies. These big technology players have demonstrated some interest in getting ahead of possible regulation by possibly drafting and proposing possible regulatory standards themselves – perhaps because there is a monetary desire for these bills to be aligned with their terms, rather than abiding by laws voted in by citizens of the United States.

Big data companies such as Facebook, Google and Twitter have all been amongst discussions, and various reports have been released stating the companies are “in favor” of such legislation. This push has left some lawmakers feeling uneasy, considering these companies are likely seeking to be involved in legislation to sway technicalities in their favor.

In conclusion, states will likely continue to pave the way for privacy regulations. Until formal national legislation is adopted and voters see these initiatives on their ballots, states will continue to implement their own forms of data protection. Problems will continue to rise for businesses as states implement their own laws that nonregulated states must abide by. A national privacy law could make this transition easier among U.S. business owners, as one uniform standard can be applied to all.


Tags: California Consumer Privacy Act (CCPA)GDPRPersonally Identifiable Information (PII)
Previous Post

Board Pay Rises for Middle Market Companies

Next Post

Enterprises Left Exposed Through GRC “Shelfware”

Matt Dumiak

Matt Dumiak

Matt Dumiak is Director of Privacy Services, Customer Engagement Compliance at CompliancePoint, where he is focused on U.S. and international direct marketing compliance regulations. He works with clients in a variety of industries and is dedicated to providing reliable and practical consulting services. Matt has earned a Certified Information Privacy Professional (CIPP/US) certification from the International Association of Privacy Professionals (IAPP) and a Customer Engagement Compliance Professional (CECP) certification from the Professional Association for Customer Engagement (PACE), and he holds a B.S. in Economics from Georgia College.

Related Posts

todd snyder runway show scarf

Lessons Learned: Todd Snyder CCPA Enforcement Action

by Richart Ruddie
May 29, 2025

Third-party risk, overcollection of data and lax training all cited by California data privacy enforcer

federal trade commission building

[Q&A] Big Tech & Free Speech Under the Microscope: FTC’s New Direction

by FTI Consulting
April 28, 2025

What compliance teams need to know about the changing approach to consumer protection and data privacy

data governance concept

The US Still Lacks Its Own GDPR, But That Doesn’t Mean Data Privacy Enforcement Isn’t Happening

by Brian McGinnis and Maddie San Jose
April 16, 2025

Despite the absence of comprehensive federal privacy legislation, American businesses face mounting regulatory pressure from multiple directions. Brian McGinnis and...

origami tiger

Paper Tigers Won’t Protect You: The Reality of Effective NIS2 Compliance

by Hans Kayaert
March 24, 2025

Why Belgium's early adoption model could prevent another round of ‘compliance theater’ across Europe

Next Post
ERP program on tablet

Enterprises Left Exposed Through GRC “Shelfware”

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights