Let’s review three of the major pertinent privacy issues that should be on your radar:
General Data Protection Regulation (GDPR)
The GDPR is the new European Union law that will become effective in May 2018. This legislation replaces the existing EU Data Directive, and it’s the most significant change in European privacy law for 20 years.
The GDPR will propose new obligations on any business that handles data on EU citizens, independent of where the business is located, so if you are marketing to EU citizens you are required to adopt the GDPR. There are many issues to consider for ensuring GDPR compliance, and these regulations may have a far-reaching effect on your company’s operability.
The Information Commissioners Office (ICO) of the UK has complied comprehensive information pertaining to obligations and preparedness with the new law. Here’s a good place to get up to speed and start your preparations.
Privacy Shield Framework
As the replacement for the Safe Harbor program, the Privacy Shield program has grown tremendously since its inception. The EU-US and Swiss-US Privacy Shield Frameworks were designed by the US Department of Commerce and the European Commission and Swiss Administration. They’re meant to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce.
Act-On has successfully obtained Privacy Shield certification, and we support the principles and frameworks of this important compliance initiative. You may want to consider applying for certification if your business model supports EU-US data transfer.
The US Department of Commerce provides an overview of the program here.
Canadian Anti-Spam Legislation (CASL) – Private Right of Action
A major mile stone under CASL will become effective on July 1 of this year. It gives individuals and organizations the right to institute a “private right of action” before the courts against parties that don’t comply with CASL.
Companies found to be violating the message rules under CASL may be penalized by a fine of up to a maximum of $1,000,000 per day.
For more on CASL compliance, visit this informational website from the Government of Canada.
As the compliance landscape continues to evolve, please take the time and review how these important changes may affect your marketing practices. Proactively seek legal counsel on any issues that have an impact on your company’s functionality to help ensure that your business has a smooth and productive year.