by Megan Smalley
Data privacy enforcement is becoming a top risk that companies must consider as part of their enterprise risk management frameworks. Ever since the European Union’s General Data Protection Regulation (GDPR) passed in May 2018, more data protection laws have been proposed around the world. With that, all companies face additional scrutiny in terms of data privacy.
Within the U.S., the California Attorney General’s Office has proposed expanding enforcement authority and class action litigation under the California Consumer Privacy Act (CCPA). CCPA passed in June 2018 in response to the Cambridge Analytica scandal, and it goes into effect in 2020. It is one of the most comprehensive data privacy laws in the United States, and it expands the definition of personal information.
Continue to read here