As the first GDPR compliant company, we’re now setting our sights on US privacy laws.

Teemo became the first company to meet GDPR compliance. It has since expanded its operations to the U.S., where regulation is imminent. California’s Consumer Privacy Act, for instance, goes into effect on January 1, and affects any company that does business in the Golden State. Meanwhile, lawmakers from both sides of the aisle are also in agreement that something must be done in regards to consumer-data privacy. 

Although U.S. regulation is looming, many companies aren’t sure where to start. “With GDPR, companies had two years to get ahead of it, but they left it to the last minute,” Grouchko says. “They weren’t shortsighted and I don’t think anyone is to blame.”

Companies instead were unsure how to navigate uncharted GDPR waters, Grouchko says. “The privacy-by-design mindset is all so new that companies didn’t know where to start,” he says. “We’re now seeing the same thing in the U.S.”

Benoit Grouchko encourages all companies to approach their processes with a privacy-driven mindset. Whenever you start creating a product, you should consider how you’re using data. And you should be aware of the privacy and protections you’re putting on that data. Even though Teemo gets location data from third-party apps, the company requires users to provide consent. The solution to the privacy problem was simple. Regarding data sharing: make opting out as easy as opting in.

Another important point that Benoit stresses is this: only collect and keep the data you need. US companies have tons of data, most of which they don’t use. If you’re not using data, get rid of it in a secure way. Keeping data that you’re not using is a risk that isn’t worth taking.

Read More:




First Company to Fail GDPR Compliance Shares Tips on Prepping for Us Privacy Regs by George P. Slefos