Data Privacy Highlights

This week, we’re covering some of the top stories in privacy! Privacy and security demands evolve quickly, putting business leaders and executives in a race against time.

That's why I am so excited to introduce you to my new book that released this week!! Data Reimagined: Building Trust One Byte At a Time. This is the perfect read for business executives who want to leverage their company’s privacy and security practices and transform relationships with customers and earn their trust.

In honor of Cybersecurity Awareness Month it is just $0.99 for the month of October. Get it here: www.redcloveradvisors.com/book-sales

Brands Review Data Privacy Policies After $1.2 Million Sephora Settlement

“A lot of companies said, ‘I’m too small, no one’s going to find me, I’ll just wait.’ So now they’re scrambling.” — Jodi Daniels, CEO of Red Clover Advisors via Wall Street Journal

Many companies are taking notice and are pressed to take action to ensure compliance with CCPA/CPRA regulations they believed didn’t apply to them. After January 1, 2023, when the CPRA takes effect, companies that have delayed compliance because they disagree with that definition and don’t want to tell consumers that they sell data, are in for a rude awakening.;

Data policies have traditionally been the responsibility of a company’s legal counsel or privacy director, experts said, but marketing executives are becoming increasingly involved because California’s regulations focus on practices typically managed by the marketing department.

For now, the potential risks of ignoring the law are greater than the costs of compliance, because companies know that a public settlement can damage their reputation in addition to their bottom line.;

via Wall Street Journal: https://www.wsj.com/articles/brands-review-data-privacy-policies-after-1-2-million-sephora-settlement-11664272801?st=fod00zwgvdq3ubj&reflink=desktopwebshare_permalink

Colorado Privacy Act Draft Rules Published

On September 30, the Colorado Attorney General’s office published proposed Colorado Privacy Act rules.

The draft rules include clarity around the definition of biometric information, responses to data subject requests, disclosure requirements for customer loyalty programs and privacy notice updates. They also add a category for sensitive data inferences.

The Colorado AG's Office has made it clear that the Office intends to make its mark on U.S. privacy law moving forward.

For an in-depth look at these draft rules read the full article from HuschBlackwell: https://www.bytebacklaw.com/2022/10/colorado-privacy-act-draft-rules-published/

4 Things You Can Do for Cybersecurity Awareness Month

Cybersecurity is everyone's job, including yours! Here are the four actions to focus on this #CybersecurityAwarenessMonth:

? Think Before You Click: Recognize and Report Phishing ;If a link looks a little off, think before you click. It could be an attempt to get sensitive information or install malware.;

? Update Your Software: Don't delay -- If you see a software update notification, act promptly. Better yet, turn on automatic updates.

? Use Strong Passwords: Use passwords that are long, unique, and randomly generated. Use password managers to generate and remember different, complex passwords for each of your accounts. A passwords manager will encrypt passwords securing them for you!

? Enable Multi-Factor Authentication: You need more than a password to protect your online accounts, and enabling MFA makes you significantly less likely to get hacked.

via: https://staysafeonline.org/programs/cybersecurity-awareness-month/