For some context, there is a significantly less privacy regulation in the United States compared to the European Union. Where the EU has a comprehensive law in the GDPR to legislate all forms of processing, the United States has laws for specific industries, but that leaves a lot of room for interpretation. Most US privacy laws are focused on consumer protections, such as preventing identity theft or deceptive trade practices. There are rules for how information is used for advertising, such as CAN-SPAM or COPPA, but that doesn’t stop Facebook, Google, or Amazon from collecting massive amounts of data to serve ads.
So, people are making the decision to enable privacy protections, right? Well, not really. In this case, individuals are being more actively given a choice, meaning that users on smart phones are very likely to see the notification and opt-out of any further collection. Chances are that in the case of a desktop user, they aren’t seeing these types of prompts. There has not been any major uptick in users reading privacy notices either. In states where privacy rights are being provided, such as in Virginia, California, Colorado, and hopefully soon Ohio, there is no indication that individuals are more likely to exercise those rights.
Is the United States caring more about privacy? I think sadly the answer is no unless it costs Mark Zuckerberg money. Oddly, Apple changing a policy costs them twice as much as the largest privacy fine ever levied, which was at Facebook, of 5 billion dollars. So, while legislative change is far off at the federal level, perhaps we will see big tech make a push toward privacy that could alter the outlook.
Please feel free to reach out to Privacy Ref at 888-470-1528 or firstname.lastname@example.org with all your organizational privacy concerns. You may view our complete event calendar here, which includes our training and webinars.