Changes in Digital Content Protection with CalECPA

Changes in Digital Content Protection with CalECPA

Personal Digital Content continues to change rapidly while the legislature to protect it plays a game of catch up. California recently signed into law a change that affects the protection of personal digital content such as emails, text messages, online documents, photos and location data.

What has Changed? – Currently, federal law protects this type of digital content for the first six months of its lifecycle. CCPA extends this protection beyond this window of time. Additional proposed legislature may change the federal ECPA law in a similar way, but requires further vetting and approval.

Ultimately, this could affect many technologies such as software applications for computers, tablets and mobile phones. Storage of this type of data is common within email solutions, mobile apps, online storage solutions and any software that captures personal or business related documents, messages or images.

A Marketer’s Perspective – Each business is different and should seek guidance from qualified resources to understand if this affects their marketing efforts or the products and services they offer to California residents and possibly the United States as a whole at some point in the future. Effectively, this law could change how businesses store, protect and share information covered by the legislature. It also defines under what circumstances they may need to relinquish information.

What does this mean for the typical business? Ultimately, this law was changed because the legislative body in the state was influenced to treat the aforementioned data differently. More specifically, this data is to be treated more privately than say the tracking of what type of browser is being utilized by the consumer. As a result, a business may want to review its privacy policy to ensure its use of this type of information reflects the nature of this law as well as both the implied and directly stated privacy requirements for consumers.

As a guideline, a business may want to contemplate the following questions:

  • What impact does this data have within my business?
  • How should I treat this data as I converse with my customers?
  • What technologies will enable my business to manage this data in a manner consistent with what I have decided for my business?

Real Applications – As an example, if a mobile application makes use of location data, and legislation continues to protect this data more than previously, a company may want to adjust how the app presents this data and how users access it. Risk exists with respect to inadvertently disclosing information during the course of business. Many companies are presenting data in clever ways to inform, engage and provide benefit to their customers. While the goal is commendable, the bar for protecting consumer data was just raised ever so slightly.