With new data privacy regulations such as those in California and Europe in place, privacy remains top of mind for business leaders. Major companies are facing global fallout from recent data breaches and compliance scandals, and should consider making efforts to understand current policies to prevent avoidable violations before additional regulations arrive.
A number of high-profile data privacy scandals have involved major tech companies. Facebook is being sued by Australia’s privacy watchdog for its role in the Cambridge Analytica scandal, according to Financial Times. The Office of the Australian Information Commissioner alleges Facebook violated privacy law by exposing user data to Cambridge Analytica via a third-party application, and allowing political campaigns to target its users.
Facebook is facing additional fallout. Its rollout of Facebook Dating was set to debut in Europe on Feb. 13, but the company indefinitely delayed that following concerns raised by European privacy regulators. Business Insider reports officials say Facebook failed to notify them of the feature’s release date until 10 days before its scheduled debut.
Additionally, the company failed to submit mandatory documents for the release, including data protection impact assessments, and regulators visited Facebook’s European headquarters in Dublin to try to obtain the necessary materials.
Similarly, Google is facing backlash for its lack of data privacy oversight. New Mexico is suing it for allegedly circumventing data privacy laws and illegally accessing data from students and families via the Google education platform. The state charges Google prevented parents from reviewing or limiting the information collected by the company, breaching the Children’s Online Privacy Protection Act.
The Wall Street Journal reports officials claim Google encouraged students to use its education login information on multiple devices, and automatically collected their data, such as web searches and passwords, once students accessed their accounts. Google allegedly placed the opt-out option in a difficult spot to find.
Google, like Facebook, faces numerous ongoing privacy issues. Recently, the tech company made the decision to move its British users’ accounts away from aggressive EU data protection regulations, and place them under U.S. jurisdiction. With Britain exiting the EU and deciding whether to replace the GDPR with its own regulations, Google placed the data of millions under less protection, according to Reuters.
For companies facing ongoing legal battles--and those hoping to avoid violations--they may want to consider understanding current data privacy regulations and planning for future policies.
More than 20 states have comprehensive privacy legislation under evaluation, and companies should be prepared to analyze every aspect of their business before this future wave of heightened regulatory scrutiny.
For instance, they may want to determine whether third parties follow data privacy standards, or expose their company to potential violations. Companies should prepare for technological changes that may accompany regulatory changes, such as new vendor relationship management solutions, and specific and more secure cookies.
With more data privacy regulations being proposed, the smartest companies are taking steps to understand current regulations, and to adjust internal policies to prepare for fast change.