You're not alone! We created a breakdown of the recent changes in internet laws and regulations and what they mean for your business.
The last few years have been characterized by the heating up of internet laws and regulations, both at home and abroad. Security is a more significant concern than ever, with a whopping 87% of Americans citing their data privacy as a major issue. In response, legislators are stepping up.
There is a lot of talk about bringing forward even stricter legislation in the years ahead, but right now there are two regulations you need to know about: GDPR and the CCPA.
These are EU and US policies, respectively, which have done the most to redefine the laws on the internet. If you're a business with any form of online presence or if you store any form of personal data, you will need to know about these.
They may sound intimidating, but don't panic. Simply read this handy outline of recent internet regulations you need to know.
Internet Laws and Regulations: The CCPA
The most recent law you'll need to know about it the California Consumer Privacy Act, or CCPA. This was passed a few months ago and all businesses have until the end of next year to comply.
In a nutshell, this internet law dictates how you can store and sell the personal data of visitors to your website. Any business which derives more than 50% of its revenue from selling personal data must comply. As this article explains, this affects way more businesses than you might think.
Although the law is technically only in force in California, any business with customers and visitors in California may be affected. Essentially, this means that all US companies should get compliant. In addition, numerous other states are looking at enacting similar internet laws in the upcoming months and years.
There is a lot you will need to consider. However, the important thing to know is that customers will be able to withdraw consent to sell their data.
Websites will need to have a clearly visible 'Do not sell my data' sign on their pages. If customers click this, you can't use their data for commercial purposes. No ifs, no buts.
The General Data Protection Act, or GDPR, is likely more well-known to you. This EU legislation dominated internet privacy news for years and remains one of the toughest internet laws and regulations on the planet.
There are a ton of helpful explainers of GDPR. The key thing to know about this one is that it concerns how the data of individuals is processed and stored.
Basically, all organizations that store personal data must ensure it is 100% secure and encrypted. They cannot share it with third parties unless consent has been given. In addition, individuals reserve a 'right to be forgotten'. This means that an organization must delete a person's data entirely upon request.
Whilst this is an EU law, it affects virtually all companies. This is because any EU resident is protected, meaning if they visit a US-based site, that site is required to comply in order to "protect the human rights" of the EU citizen.
Many US companies have skirted around these laws by simpling making their website unavailable in the EU. If you don't get much traffic from the EU, you can consider this move too.
Internet laws and regulations can seem tricky and intimidating at first. However, there is a wealth of information to help you navigate them. You can check out our Tech Section for all of the updates and expertise you'll need.