CALIFORNIA’S CONSUMER PRIVACY ACT BEING HAILED THE AMERICAN VERSION OF THE GDPR, BUT IS THAT ACCURATE?
Written by Victorianne C. Musonza, Esq, CISA, CAMS, CIPP, CIPM, FIP I. INTRODUCTION By the close of 2018, all fifty U.S. states had data breach notification laws [1] on the books. California was the first to pass a data breach notification law in 2003; [2] New York was not that far behind passing a data breach notification law [3] that was signed into law in August 10, 2005. New York has always had a more proactive approach to privacy with several privacy statutes that include information security, [4] employee privacy, [5] wiretapping, [6] ease dropping, [7] and confidentiality related to HIV related records. [8] Additionally, last year the New York legislature passed a cyber security law that imposes additional requirements on businesses that are regulated the Department of financial services. In additional to federal statutes, New York businesses who do business in certain parts of Europe [9] or in California, provide services to residen