Ever since the EU developed and approved its landmark privacy regulation, GDPR, Site Impact has been warning that other countries--including the US--are likely to follow up with their own privacy regulations. Of course, in the US, the issue is magnified by the existence of 50 different states, all with their own decision-makers regarding the issue and how to tackle it. Until a federal level law comes down to regulate data collection, analysis, and sharing, individual states will push for their own measures. The newest wrinkle in this fact is the law being developed by the state of New York. Sources in the process of developing the law indicate that it might even be tougher than the California bill currently passed. Site Impact knows that regulations actually help the industry; so even as lobbyists in California work to try and defang the law there, it’s worth understanding the new law coming in New York.
The New York Privacy Act, introduced by state senator Kevin Thomas, gives consumers in that state more control over their data than any other state in the US; while it’s only just been introduced, and Thomas is still looking for a cosponsor, it’s definitely a major step towards setting a standard for consumer protection when it comes to data-based marketing efforts. Businesses that have been arguing and wrangling over the language of the California Consumer Protection Act are not likely to enjoy the New York law any better, considering the way it puts the consumer’s wants and needs first.
Like the CCPA, the New York Privacy Act would allow people to find out what data companies are collecting on them, see who they’re sharing that data with, request that it be corrected or deleted, and avoid having their data shared with or sold to third parties altogether. However, unlike the CCPA, the new law would grant New York residents the right to individually sue companies; this measure was driven out of the CCPA last year successfully by industry outcries. Additionally, while California’s law applies only to businesses that make more than $25 million annual gross revenue, the New York bill would apply to companies of any size. It’s a strong statement on the concern that consumers have for how their data is being collected, analyzed, and used by brands--and it’s setting a tone for future laws on the state level that shows that things are not going to be the wild west anymore when it comes to data collection and privacy.
Overall, the New York Privacy Act seems to be trying to reintroduce real regulatory authority even as industry professionals try to lobby it out of the already-existing California consumer protection law. As Congress works towards putting together a national-level law, marketers and brands alike should be up to date and prepared for a fusion of the efforts being made by multiple states. The EU’s GDPR has made its mark on digital marketing in general and email marketing in particular; US laws designed to protect and empower consumers are not about to go away. Contact Site Impact to learn how we can help you prepare for any regulation coming down the line, and how we’re always working to make sure we’re in compliance even before regulations take effect.