BEGIN ARTICLE PREVIEW:
(© asharkyu – Shutterstock)
A few months ago, the General Data Protection Regulation (GDPR), Europe’s stringent and ambitious law protecting data privacy, turned two years old. While many companies have accepted the law as a sign of changing times, others seem to be doing the bare minimum to adhere to its requirements, especially those whose business models are built around selling and trading user data.
GDPR’s reach extends beyond Europe, affecting any company that does business with European citizens or businesses. California’s landmark Consumer Privacy Act (CCPA) took effect at the beginning of 2020, even as Google and others attempted to weaken its language and create exemptions for their own financial gain. While the legislation is a big step toward educating everyday people on the ins and outs of how and when their data is being used, few think about how their online activity at work may also have implications for their personal data privacy.
In both GDPR and CCPA, fines have been rare and when they do occur, relatively cheap. Until the fines and the monetary implications become more severe for tech companies, data privacy, particularly employee data, hangs in the balance.
Take, for example, a common situation in which …
END ARTICLE PREVIEW