In 2023, a significant number of new privacy regulations were introduced, with several set to come into effect this year. Even more regulations are expected to be enforced or implemented in 2024. Notably, regulatory requirements for major tech companies will have substantial trickle-down effects on third-party entities that rely on these platforms for audience engagement, data management, and revenue generation.
The regulation of artificial intelligence (AI) is also set to increase, heightening consumer awareness about data access and usage. These upcoming changes, driven by new regulations and business requirements, are expected to enhance the consumer landscape through improved transparency, competition, innovation, and choice.
EU & UK
ePrivacy Regulation in the EU
The EU's ePrivacy Regulation (ePR), set to replace the ePrivacy Directive (ePD), is expected to establish clearer rules on cookie usage and regulate newer electronic communications services. If finalised in 2024, the ePR will fully come into effect by 2026.
Regulation of Artificial Intelligence (AI)
The EU's AI Act, anticipated in early 2024, will introduce new rules and guidelines for AI development and application. This legislation is expected to influence similar laws globally, much like the GDPR. In the US, President Biden's executive order on safer AI from October 2023 will also impact AI regulation developments.
North America
Data Privacy in the United States
In 2023, eight US states passed data privacy laws, with five set to take effect in 2024:
- Montana Consumer Data Privacy Act (MTCDPA)
- Florida Digital Bill of Rights (FDBR)
- Texas Data Privacy and Security Act (TDPSA)
- Oregon Consumer Privacy Act (OCPA)
- Delaware Personal Data Privacy Act (DPDPA)
These additions will bring the total number of states with active data privacy regulations to 14. Many more states introduced privacy legislation in 2023, suggesting that additional states may enact such laws in 2024. Although federal data privacy legislation remains stalled, the scrutiny surrounding generative AI and its implications could drive momentum for broader federal laws.
Data Privacy in Canada
Bill C-27, the Digital Charter Implementation Act, is under committee review and could be passed in 2024. This bill includes the Consumer Privacy Protection Act (CPPA) to replace the outdated PIPEDA regulation. It also introduces the Personal Information and Data Protection Tribunal Act, which would review Privacy Commissioner decisions and impose penalties for CPPA violations. Additionally, the Artificial Intelligence and Data Act (AIDA) aims to regulate AI systems with a focus on data privacy.
Data Privacy in Australia
Australia's Privacy Act, first enacted in 1988, underwent its most recent amendment in 2022. The Privacy Act Review Report, released in February 2023, contains 116 recommendations to enhance data privacy protections. High-profile data breaches have increased pressure for stronger privacy laws, likely leading to significant changes in 2024.
For the big companies
Digital Services Act Package
The Digital Services Act (DSA) and Digital Markets Act (DMA) will begin enforcement in early 2024. These laws require compliance from large tech companies and will affect third-party customers and partners, particularly in the EU. This could drive substantial changes in privacy compliance and business operations, including the adoption of consent management platforms (CMP).
Embracing Data Privacy
The keyword for data privacy in 2024 is acceleration. The initiatives started in 2023 will continue to influence legislation, business practices, technology, and consumer expectations. Companies are increasingly recognising the importance of data privacy for business integrity, brand reputation, and revenue protection. Compliance with multiple regulations is becoming the norm, and while challenging, it is manageable. Usercentrics offers solutions designed to scale with company growth and evolving regulations, helping businesses navigate the complexities of data privacy.
Frequently asked questions
We never have access to any of your data, our platform is able to scan each tool and provide recommendations without needing to access any of the data within those tools. There's no need for your dev' team to do anything, there are no security risks, just tell us the tools you use and we will do the rest.
Our policies are not just about my website or service. Once set up, our platform will help you map-out internal and external processes, such as HR, finance, and more!
We recommend replacing your current policy with our policy, this way you’ll remain compliant as your business changes and as the laws update.
Setting up is easy, just follow the on-screen commands and go through a few short steps to add your tools. You don't need any technical ability, anything you don't know the answer to you can ask us via our live chat or add later.
A template will not be applicable to your particular business as there are many things to consider for each tool you use. Also the template will not automatically update when changes happen in your business and when changes to GDPR laws are released. This can leave you vulnerable to breaking GDPR laws.
We have a huge selection of tools pre-loaded and anything you don't see you can add directly from the platform as well as mapping data for any custom software you may use.
Our Essential Plan is perfect for people just getting started, small businesses, self-employed people and early stage companies. It allows you to get set up and start making your site GDPR compliant. You can move to our pro plan when you grow and your needs become more complex.
Our Pro Plan is aimed at SMEs and is our most popular plan as it includes everything you'll need such as a cookie banner, multiple languages as well as dedicated support.
Our Agency Plan is aimed at businesses that operate with clients needing GDPR solutions. The plan allows you to onboard clients as well as benefit from the Pro Plan for your own site.
Our Enterprise Plan is our most customisable and inclusive plan aimed at large, corporate businesses. We will essentially build you a bespoke plan with full maintenance support, onboarding classes and full company-wide access.
Feel free to get in touch to discuss our GDPR Compliance Software solution.
Signing up is super easy. The platform will ask you a few basic questions and then you can add your tools - don't worry if you don't know them all, you can come back and add tools at any point. The platform will then generate you the correct privacy policy based on your information, you can there share it directly on your site. That's it!
Privasee has a plan for smaller companies as well as larger enterprise companies. For companies small to medium you can signup directly. For bigger enterprise companies get in touch with your requirements and our team will build you a bespoke plan.
You have a legal responsibility to keep your policy up to date with every change in legal requirements for every tool you have. With Privasee you are always covered.