Skip to content

Privacy News Highlights: A Look Back at 2023

December 6, 2023

Another year has passed, and once again, privacy professionals can look back and say, “Whew!” We may sound like a broken record (an apt metaphor, given the surge in vinyl sales), but the fact of the matter is that rarely does a day go by without significant privacy news. Looking back and attempting to find patterns, it’s clear that in the US, consumers’ awareness of their privacy rights–or what should be their privacy rights–has continued to surge and is driving government action.

At the federal level, Congress has failed once again to pass comprehensive privacy legislation, but other branches of the government aren’t sitting idle. The White House has negotiated agreements on AI and signed onto a new US-EU Data Privacy Framework. Regulatory agency, foremost the Federal Trade Commission, are enforcing existing regulations. And child privacy rights, especially around social media, are receiving increasing attention.

At the state level, several states have passed comprehensive legislation, while other states at the forefront of the privacy revolution have seen their laws go into effect. Twelve states–13 if you count Florida’s “Digital Bill of Rights”--have enacted privacy laws. Five new laws came into effect in 2023, and eight states have passed new privacy laws.

But any review of privacy in 2023 has to account for the passage of a privacy law that protects the rights of more people than any other single regulation–the Digital Personal Data Protection Act (DPDPA), the new privacy law in India. At over 1.4 billion citizens, the DPDPA affects almost three times as many people as GDPR.

Looking forward to 2024, it’s understandable to think that privacy professionals’ responsibilities got more complex than they’ve ever been. But in reality, the fundamentals of privacy remain sound.

  • Just because there is a patchwork quilt of regulations, don’t take a patchwork approach to privacy compliance. Adopt best practices and compliance with almost any regulatory regime will follow.
  • Embrace the privacy compliance trifecta. Say it. Be clear about your privacy policies. Do it. Act in accordance with your policies. Prove it. Demonstrate your compliance to regulators and consumers.
  • Understanding what data you hold, where, and why is essential. Maintain an accurate, up-to-date data inventory to ensure all your privacy compliance efforts build on a solid foundation.

For a more detailed look at these stories, download our new whitepaper, 2023 in Privacy News

Sign Up for Alerts

Get notified when new content for specific topics is available.

Sign Up