In the last few years, consumers have become more and more concerned about their personal data and how businesses secure & protect their privacy online.
As a result, several regulations have been passed on data privacy & security, such as the GDPR in the E.U. and the CCPA in California, and it’s important to understand how these affect your website & business.
What is the GDPR?
The Global Data Protection Regulation or GDPR is an EU law that went into effect in May 2018, and it sets new standards for how data is collected and stored on a website.
It also gives consumers more rights to request a copy of their data from businesses and/or the erasure of their previously collected data. The law was written very broadly, and it could apply to US companies with websites.
What is the CCPA?
The CCPA, which stands for the California Consumer Privacy Act, went into effect as of January 2020 and it was modeled after the GDPR.
The goal of the CCPA is to protect consumers’ privacy in terms of the selling and collection of personal data and prevention of security breaches.
While the CCPA currently applies to certain for-profit businesses in California, it is expected to be expanded to all organizations, and other states like New York and Illinois have adopted similar acts.
Why Follow Data Privacy Best Practices?
Whether the GDPR or CCPA applies to your business or not, there are several reasons to implement data best practices on your website:
- Demonstrates to customers that your business cares about their data security & privacy
- Reduces your business’ liability for compliance issues
- Creates trust symbols on your website for privacy & security
- Minimizes future investments to add these best practices to the website