GDPR Data Mapping: A How-To Guide
If you don’t know where your business collects, stores, and processes...Read Now
The simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline the DSAR workflow
Ensure your customers’ data is in good hands
Gain insights with privacy assessment templates and workflow management
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Don’t let data privacy compliance get in the way of growth
Preserve your competitive edge
Manage data privacy at scale
Expert insights on all things privacy
Subscribe and become a Privacy Insider
Research the most essential privacy topics
We'll scan your website for privacy risk at no cost
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
No fines, no penalties
Add Osano data privacy ratings and recommendations to your application
Fresh duds for data privacy fans
October 23, 2019
Privacy policies are necessary to explain how a company collects, stores, uses and shares data about its customers or users, and the types of data that is collected. Most of this data is considered Personal Identifiable Information (PII) and may include a person’s name, email, address, phone numbers, credit card number, birth date, gender, age or any piece of information that identifies a person.
It’s remarkable how few people read privacy policies, given that this is personal data we likely wouldn’t willingly share with strangers. The Boston Globe recently explained the importance of these privacy policies this way: “Few people read the privacy policies that are part of most major websites. But they amount to a contract, promising visitors that the site will set reasonable limits on how it will use personal data.”
Fast Company reported on a new survey by Pew Research Center that found more than half of the 4,727 U.S. adults surveyed didn’t understand that privacy policies are contracts between websites and users about how those sites will use their data. In essence, most people are unknowingly signing away their rights to their own data. They blindly trust that the companies behind the websites they visit are being good stewards of their data. It’s only when there’s a publicized breach that they question their privacy practices.
Here are just a few of the issues that make practicing ethical, responsible data privacy so challenging.
Comparitech scored each state on how its laws governing online privacy compares with other states. Not surprisingly, California ranked at the top of the list, earning a score of 75 for its tough privacy and data protection laws. The state goes so far as to include “an inalienable right to privacy” in its state constitution and passing the California Consumer Privacy Act of 2018 (to go into effect January 1, 2020) that gives California residents unprecedented control over their personal online data. The worst scoring state? There was a tie between Mississippi and Wyoming. According to Comparitech, Wyoming employers “are not barred from forcing employees to hand over passwords to social media accounts.”
For companies with an online presence and who operate in different states, keeping track of each state’s laws is difficult and often manual process. For states with stricter regulations, a misstep in privacy practices can result in penalties.
Thanks to the Internet, companies today have customers and website visitors from all over the world. While the world is flat, giving rise to immeasurable opportunities, it also poses a distinct problem for companies who must adhere to different privacy laws across states and countries. The EU and California are not the only regions with strict privacy regulations and more regulations are sure to come.
Organizations with an online presence must be compliant with the privacy laws of dozens of countries, as well as display consent dialogs in native languages and record consents and revocations for cookies. This is nearly impossible to do manually for each website visitor, putting companies at high risk for non-compliance.
Keep in mind that their privacy practices may frequently change. That means you have to continually monitor their practices and determine whether they are putting you at unacceptable risk. If they have a breach, for instance, will your customers, the Department of Justice and the media blame you or them or both?
To make things more complicated, your vendors also have vendors who may use the data you’ve shared. You can see how quickly your web of vendors grows. It’s critical to track all of your third- and fourth-party vendors so you can prove you were doing your due diligence.
That means instead of dedicating resources to a nearly impossible task, you can ensure your website is compliant in every state and country in only minutes. You can track privacy ratings for thousands of vendors to understand your risk instantly over time. You can be alerted when a vendor changes their policies and when privacy laws are added or changed.
Data privacy policies are more than a big deal; they are everything. Consumers are increasingly looking for transparent companies and 75 percent of Americans say they are not okay with companies using their personal data. Even more eye-opening is the fact that 72 percent of adults support a national privacy protection law. Protecting user data is not only the right thing to do, but it is also quickly becoming a differentiator amongst brands.
Writer at Osano
Writer at Osano
Matt Davis is a writer at Osano, where he researches and writes about the latest in technology, legislation, and business to spread awareness about the most pressing issues in privacy today. When he’s not writing about data privacy, Matt spends his time exploring Vermont with his dog, Harper; playing piano; and writing short fiction.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
Osano makes it easy. Ready to get serious about data privacy? Choose your plan and get started. All plans come with a 30-day FREE trial!