Over the last few years, an increased focus continues on the right to privacy and the debate on how to best implement privacy tools that are balanced with business and technological innovation. In the United States, the debate to adopt policies like those in the European Union has recently intensified as consumer advocates view data collection as being intrusive and offensive; however, these criticisms fail to appreciate the key factors driving the debate.
Notably, in 2018, California passed the most comprehensive data use legislation in the nation (the California Consumer Privacy Act of 2018), which has been compared by many to the European Union’s General Data Protection Regulation. California also became the first state to enact an Internet of Things (“IoT”) cybersecurity law (SB 18-327), which requires connected devices to be equipped with “reasonable security features,” as defined by the bill. Both laws have been praised by consumer advocates, although many have taken the position that the laws will do little to improve consumer protection, but instead will create substantial burdens for companies. Although both laws are effective as of January 1, 2020, it is important to note that the two laws remain a moving target and further amendments may be on the horizon.
As IoT explodes in popularity and make innovations such as augmented reality (“AR”) and autonomous vehicles possible, the functionality demanded by consumers will require data collected from human user experience. The companies that fail to properly leverage new technologies and data opportunities may find themselves falling behind their competitors. Companies developing products on the cutting edge of technology should stay informed of recent enforcement actions, legal cases, and laws to determine how their offerings in the ecosystem may be impacted.
This publication covers the ongoing evolution of the legal landscape for data-centric products, so that organizations can continue to succeed in their development of new technologies and products.