While some states have made data privacy gains, the US has so far been unable to implement protections at a federal level. A new bipartisan proposal called APRA could break the impasse.
We’ll see. I’d like to read the latest text, and I can’t seem to find it.
A lot of red and blue states have data privacy laws that are in the same wheal house as the OG’s - GDPR and CCPA.
I work in data privacy, and architecting systems that comply with multiple laws is a giant pain in the ass. Most of us that work in the space have wanted to unify a lot of these guardrails under one law. Currently, I basically get product requirements from multiple different state who are not taking to each other. It’s miserable.
That said, my big concern is that a federal law won’t be easy to make quick iterations to. Congress is slow as fuck. The US probably wouldn’t have any data privacy stuff in place if it weren’t for the states moving the ball forward. The states can move much much faster.
We’ll see. I’d like to read the latest text, and I can’t seem to find it.
A lot of red and blue states have data privacy laws that are in the same wheal house as the OG’s - GDPR and CCPA.
I work in data privacy, and architecting systems that comply with multiple laws is a giant pain in the ass. Most of us that work in the space have wanted to unify a lot of these guardrails under one law. Currently, I basically get product requirements from multiple different state who are not taking to each other. It’s miserable.
That said, my big concern is that a federal law won’t be easy to make quick iterations to. Congress is slow as fuck. The US probably wouldn’t have any data privacy stuff in place if it weren’t for the states moving the ball forward. The states can move much much faster.
Can you link me to a red state with data privacy rules “in the same wheel house as GDPR”?
Here’s all the current and proposed laws
https://iapp.org/media/pdf/resource_center/State_Comp_Privacy_Law_Chart.pdf
Thanks. It’s embarrassing to see Massachusetts “in committee”. I like to think we’re usually pretty good with stuff like this
To be fair, almost all companies that do interstate business have had to comply with California’s laws - CCPA, CPRA, etc.
I get why it would be a low legislative priority. It’s a lot of work for something large and midsize businesses are already forced to do.