Data443 Risk Mitigation, Inc., a leading data security and privacy software company, provided an update on the California Privacy Rights and Enforcement Act (‘CPRA’), approved by California voters on November 3rd, 2020. The CPRA is a new California state law that expands consumer data privacy, obligating businesses to provide consumers with the ability to opt-out of the collection of sensitive personal information collected, and further requires businesses to refrain from sharing the personal information of users, if requested. The CPRA expands, amends, and increases the protections afforded by the California Consumer Privacy Act (CCPA), which was adopted January 1, 2020, with enforcement actions initiated in July 2020.
Jason Remillard, CEO of Data443, provided the following insights and commentary, “The CPRA creates an even bigger cybersecurity burden for businesses than the CCPA. The new law is undoubtedly our country’s strictest consumer data privacy law, imposing stringent legal requirements on how businesses collect and share consumer data. It also establishes a new state agency (with a $10 million per year budget) to implement and enforce CPRA. In short, the CPRA imposes an increased duty on businesses to provide reasonable security for sensitive data, with penalties for breaches including for emails and passwords.
“People have a right to their personal data, and the right to protect it. Under the CPRA, businesses must enable those rights by protecting personal data and providing consumers with access to their personal data. As Data443 is All Things Data Security™, we already support all facets of the CPRA for our clients automatically. Our diverse and unmatched product feature set protects emails, documents, databases, and third-party services – in the cloud, in your own office or remotely at your employees’ home office.
“The CPRA is very similar to Europe’s GDPR law, for which Data443 has a proven solution – Data443® Global Privacy Manager, the privacy compliance and consumer loss mitigation platform which is integrated with our ClassiDocs® platform. Additionally, almost 40,000 businesses already utilize our world leading WordPress GDPR Framework daily to protect their businesses and support their customers for GDPR requests. Under the CPRA, consumers are entitled to know the categories of information collected and can even see the specific bits of information a company has on them, such as their email or address. Consumers can also order companies to not “sell” their data to other companies, and “opt-out” from well as order any company that has collected their data, and anyone the company has shared that data with, to delete it from their records. This is the so-called “opt-out” provision.
“What does this mean for Data443? It means greater commercial opportunities for us, because this is what we do. Since the CPRA holds companies responsible for ensuring that data it has shared with third parties or vendors is properly deleted upon request, in addition to protecting the data, these companies will need our products, services, and expertise.
“The CPRA is the continued and inevitable maturation of global privacy policies. Every jurisdiction in the world is experiencing this. One cannot provide solutions for this marketplace without a wide, mature, and combined product offering that covers all types of data, in all locations, in all sorts of formats managed by all sorts of relationships. Businesses are ultimately responsible for the stewardship and management of this personal information, and this represents a great shift in the way information has been managed in the past.
“Businesses are now recognizing this new ability or capability as a competitive differentiator. The ability to properly deliver, manage and journey a customer through a privacy request scenario becomes minimally a competitive differentiator – and in many cases – a situation of serious customer retention.
“Much like in the days when telecoms didn’t provide detailed billing of their services on a monthly basis – customers naturally migrated to service providers that were more transparent with their services and offerings – like detailed billing of every call and service charge – dragging the whole industry along with it. We have anticipated privacy compliance following the same path, and it continues to do so.
“Nearly 100% of our existing customer base has an existing privacy compliance or management program actively in place – having the same or more visibility at the board level as information security or other serious programs at the board level.”
About Data443 Risk Mitigation, Inc.
Data443 Risk Mitigation, Inc., is the de facto industry leader in Data Privacy Solutions for All Things Data Security™, providing software and services to enable secure data across local devices, network, cloud, and databases, at rest and in flight. Its suite of products and services is highlighted by: (i) ARALOC™, which is a market leading secure, cloud-based platform for the management, protection and distribution of digital content to the desktop and mobile devices, which protects an organization’s confidential content and intellectual property assets from leakage — malicious or accidental — without impacting collaboration between all stakeholders; (ii) DataExpress®, the leading data transport, transformation and delivery product trusted by leading financial organizations worldwide; (iii) ArcMail™, which is a leading provider of simple, secure and cost-effective email and enterprise archiving and management solutions; (iv) ClassiDocs® the Company’s award-winning data classification and governance technology, which supports CCPA, LGPD, and GDPR compliance; (v) ClassiDocs® for Blockchain, which provides an active implementation for the Ripple XRP that protects blockchain transactions from inadvertent disclosure and data leaks; (vi) Data443® Global Privacy Manager, the privacy compliance and consumer loss mitigation platform which is integrated with ClassiDocs® to do the delivery portions of GDPR and CPRA (previously, CCPA) as well as process Data Privacy Access Requests – removal request – with inventory by ClassiDocs™; (vii) Resilient AccessTM, which enables fine-grained access controls across myriad platforms at scale for internal client systems and commercial public cloud platforms like Salesforce, Box.Net, Google G Suite, Microsoft OneDrive and others; viii) Data443™ Chat History Scanner, which scans chat messages for Compliance, Security, PII, PI, PCI & custom keywords; (ix) the CPRA Framework WordPress plugin, which enables organizations of all sizes to comply with the CPRA privacy framework; (x) FileFacets™, a Software-as-a-Service (SaaS) platform that performs sophisticated data discovery and content search of structured and unstructured data within corporate networks, servers, content management systems, email, desktops and laptops; and (xi) the GDPR Framework WordPress plugin, with over 30,000 active users and over 400,000 downloads it enables organizations of all sizes to comply with the GDPR and other privacy frameworks. For more information, please visit http://www.data443.com.
Investor Relations Contact: