New Privacy Regulations for Event Data Coming in 2023
It’s been about five years since the European Union’s General Data Protection Regulation, or GDPR, went into effect, putting strict rules in place for collecting, storing, and processing data on EU citizens.
At that time, many U.S. meeting professionals changed their data practices if there was any chance an EU citizen would be among their attendees. For those who didn’t update their practices, however, the time has come.
That was the message from Jill Blood, vice president, deputy general counsel at Maritz Global Events during a December 14 meeting trends webinar, hosted by MeetingsNet and led by Blood and her Maritz colleagues Steve O'Malley, enterprise vice president and COO, and Greg Bogue, enterprise vice president, brand, experience, and innovation ecosystems.
Blood reviewed the history of the EU’s GDPR as well as California’s effort in 2018 to enact its own data-protection regulation. Looking ahead, she said, there’s a clear trend toward protecting personal information in the U.S., with new state regulations effective as of January 1 in Virginia; July 1 in Colorado, Connecticut, and California (expanded from 2018); and December 1 in Utah.
“2018 was when the privacy concept really hit the U.S.,” Blood said. “California is obviously a huge state with a lot of people. So, for companies that somehow escaped GDPR, that meant they really needed to focus on privacy. I don't think anybody thought that was the end of it, and now here we are with five new states coming online with privacy laws. It's really spreading.”