With less than a year to go until the official entry into force of the California Consumer Privacy Act (CaCPA), ESOMAR is working on a series of articles to support you in the compliance process. The CaCPA will enter into force on 20 January 2020, and for those businesses which have not already fallen under the scope of the EU General Data Protection Regulation (GDPR), some of the key principles of this new law may be unfamiliar.
by Ray Poynter
1 February 2019 – In a wet and windy Amsterdam last week, the new ESOMAR Council had its first independent meeting. President, Joaquim Bretcha, chaired the meeting and shared his vision for where ESOMAR should be heading over the next two years. Joaquim’s vision builds on the work of previous Councils and focuses on the need to embrace the changes being created by an increasingly digital age. At the heart of the vision is the need to continue to widen the scope of ESOMAR to include data analysts and data users. ESOMAR is quite rightly ahead of the curve on data protection issues and the responsible use of data, an issue which is currently very much at the top of the agenda for data focused organisations (see Finn’s article about this at Davos here). We need to build on this and lead the way globally on the ethical use of data.
As we mentioned last December in our analysis of recent data breaches, the enforcement of GDPR is gearing up quickly. This past week, the French CNIL set a new fine record for the highest fine when they slapped Google with a €50 million fine.
Just before 2018 ended, the news broke of the largest data breaches of the past few years.
On 30 November, the global hotel chain Marriott, announced that the database of their booking system, Starwood, had been compromised. On Friday 4 January 2019, they released an update, revealing that 383 million records had been accessed by hackers. These records included 5.25 million unencrypted passport numbers and 8.6 million encrypted payment cards.
By the ESOMAR Professional Standards team
While the dust of GDPR is still settling, we can already see new privacy and data protection laws popping up everywhere. California has enacted a new far-reaching privacy law and the EU is moving ahead with new legislation that will determine whether you can continue using cookies for audience measurement. Countries like Brazil, Kenya and India are enacting GDPR-inspired privacy laws and data protection fines are breaking new records. Apart from data protection laws, ESOMAR also monitors regulations on publishing opinion polls around the world.