The New York State Legislature reintroduced the New York Privacy Act. One of its newer provisions is the requirement for data controllers to apply a fiduciary duty standard to the consumer data they process. While there are questions surrounding whether a fiduciary model can work in a digital space, BigID Vice President of Privacy and Policy Heather Federman, CIPP/US, writes it could replace an outdated model. "What does emerge is the need to move beyond legal reliance on notice/choice, which forces consumers to blindly trust businesses, and shift to a framework that puts the burden on industry," she writes.
If you want to comment on this post, you need to login.