GDPR and CCPA – Two Approaches to Privacy
This post compares the EU’s General Data Protection Regulation and the California Consumer Protection Act of 2018 (GDPR and CCPA).
It includes much of a Quora answer that I wrote on this topic. Please see How does the California Consumer Privacy Act of 2018 compare to GDPR?
Disclaimer: This comparison, of necessity, is limited to the broadest generalizations. While the California Consumer Privacy Act or 2018 (“CCPA”) is of a respectable length, the EU’s General Data Protection Regulation (“GDPR”) has 99 Articles, most with several Sub-articles – and that’s preceded by 173 lengthy paragraphs of recitals! Consequently, most of what follows is, in reality, subject to significant additional details, qualifications and exceptions that are too numerous to include here.
Now available for download: A four-page GDPR-CCPA comparison table that includes many more details than are in this post.
Telling Facebook Friends Means Telling the World
This post explains something that we all should know intuitively. If you disclose information to your Facebook friends, you potentially have disclosed it to the entire world.
Matthew Richard Palmieri was a contractor for the United States. He lost his industrial security clearance after the government investigated certain of his activities.
Palmieri brought suit (without a lawyer) against various government agencies and officials in the United States District Court for the District of Columbia. The suit identified 30 ways in which the defendants allegedly violated his rights. (more…)
Meaningful Privacy Policy Statements – the California Perspective
Last month, California’s Attorney General published her latest privacy-protection guidelines. The title of the publication is “Making your Privacy Practices Public – Recommendations on Developing a Meaningful Privacy Policy“.
Executive Summary – Meaningful Privacy Policy Statements
Quoting from the beginning of the publication’s Executive Summary [emphasis added]: (more…)
Privacy on the Go – California Attorney General Publishes Recommendations
Privacy on the Go was published by California’s Attorney General in January 2013. It offers the AG’s privacy practice recommendations for participants at all levels of the mobile ecosystem.
Privacy on the Go begins with a message from the AG. Part of that message explains why the publication was produced (emphasis added).
The world has gone mobile. Today, 85 percent of American adults own a cell phone and over half of them use their phones to access the Internet. The mobile app marketplace is also booming with more than 1,600 new mobile apps being introduced every day. These apps allow us to do everything from streaming movies to hailing a cab to viewing our own X-ray and ultrasound images.
If You Want Personal Info from CA Residents, You Need a Privacy Policy
Any Website provider or online service – including any mobile app – that collects personally identifiable information from users residing in California needs to have a privacy policy. And that privacy policy must be posted conspicuously. The details are set forth in Business and Professions Code Sections 22575 through 22579.
Personally identifiable information includes, but is not necessarily limited to:
- First and last name
- Physical address, including street name and name of a city or town
- Email address
- Telephone number
- Social security number
- Any other identifier that permits the physical or online contacting of a specific individual
Mobile Apps: Respecting Users’ Rights
From time to time, developers inquire about best practices in marketing their mobile apps and protecting users’ privacy. Last month the Federal Trade Commission expressed its opinion on these issues (Marketing Your Mobile App: Get It Right from the Start).
On the marketing side, the FTC has two guidelines:
- Tell the truth about what your app can do.
- Disclose key information clearly and conspicuously (make sure that users actually notice your disclosures and are able to understand them).
Can I prepare a website Privacy Policy without a lawyer?
Startup entrepreneurs always are looking for ways to save money. A question that I receive from time to time: Is it possible to prepare a website Privacy Policy without a lawyer’s help?
Simply copying another company’s Privacy Policy is a mistake, because two companies rarely want to handle all privacy matters exactly the same way. However, there are quite a few website Privacy Policy Generators (PPGs) online. Just do a Google search for “privacy policy generator”.
The user provides answers to a series of questions. Based on the user’s answers, the PPG provides recommended text for a website Privacy Policy.
