By now, just about everyone has probably heard of the EU’s General Data Protection Regulation, better known as GDPR. Although GDPR applies to EU citizens, given the nature of websites, GDPR generally applies to all. It is probably not realistic, at least not yet, to give websites the intelligence to differentiate between EU citizens and everyone else.

In the USA, as of today, there is no GDPR equivalent. Because of such legal void, states are legislating their own versions of GDPR. As of today, California, New York and now Nevada, have passed different privacy laws.

California’s law, named California Consumer Privacy Act, or CCPA, was signed into law June 28, 2018, and it becomes effective on January 1, 2020. New York passed the Stop Hacks and Improve Electronic Data Security Act, known as SHIELD Act, which was signed into law on July 25, 2019 and went into effect on October 23, 2019. Nevada quietly passed the Nevada Privacy of Information Collected on the Internet from Consumers Act, or NPICICA, and it went into effect on October 1, 2019.

Although different laws, there are overlaps. The level to compliance depends on the website and the type of information collected. Also, compliance depends on the business type, size, and other information.

Best business practice would be to have your websites reviewed for compliance with laws and regulations, preferably BEFORE publicly launching. Any questions? Please feel free to contact me.
#substantiationequalstrust. #transparencyformstrust #advertisingandmarketinglawyer
#hispanicadvertisingandmarketingattorney #couponlegality #promotiontransparency