Bottom line: do not rely on data privacy laws to fully protect your information. 

When California Governor Jerry Brown signed Senate Bill 327 on September 28, California became the first state to enact legislation expressly governing cybersecurity measures that must be employed by manufacturers of Internet-connected “smart” devices, collectively known as the Internet of Things (IoT). The law, to be codified at California Civil Code Sections 1798.91.04–06, became effective on January 1, 2020.

The theme of Data Privacy Day 2020 is “Own Your Privacy.” 

For a long time, it may have seemed like consumers virtually had no power, and that businesses could do anything they want with individuals’ private information with nearly no repercussions – but that time is rapidly expiring. With increased state regulations, it is clear that businesses must step up their security game by pseudonymizing their data, rendering the data unidentifiable, so when that data travels across state lines and organizational boundaries, the data is still protected, as well as the business and its reputation.

An Internet Society report finds that most organizations do not comply with existing global privacy regulations and are not ready for additional regulations going into effect in 2020.