Virtually every country has enacted some sort of data privacy laws to regulate how information is collected, how data subjects are informed, and what control a data subject has over his information once it is transferred. Failure to follow applicable data privacy may lead to fines, lawsuits, and even prohibition of a site’s use in certain jurisdictions. Navigating these laws and regulations can be daunting, but all website operators should be familiar with data privacy laws that affect their users.
For those in the USA, the laws and regulations you should be aware of for 2021 include:
- USA Federal
- The Children’s Online Privacy Protection Act (COPPA), which governs the collection of information about minors.
- The Health Insurance Portability and Accounting Act (HIPAA), which governs the collection of health information.
- The Gramm Leach Bliley Act (GLBA), which governs personal information collected by banks and financial institutions.
- The Fair Credit Reporting Act (FCRA), which regulates the collection and use of credit information.
- USA State
- California Consumer Privacy Act (CCPA)
- California Privacy Rights Act (CPRA)
- Virginia’s Consumer Data Protection Act (CDPA)
- Colorado Privacy Act (CPA)
- New York SHIELD Act
- Non-USA
- International law: the General Data Protection Regulation (GDPR)
- Brazil’s General Law for the Protection of Personal Data (LGPD)
Read more at Data privacy laws: What you need to know in 2021 by Angelique Carson on the Osono Blog