Patchy preparation for GDPR shows U.S. businesses are unprepared for new legislation

by Jim Mason, Sr. Partner
Tuesday, June 25, 2019

Since the advent of the EU’s new General Data Protection Regulation (GDPR) in 2018, U.S. companies have taken few steps to protect consumer data. A year after the introduction of GDPR, U.S. companies appeared to be unaware of the implications they might incur with the imminent arrival of the new data privacy legislation in the U.S., the California Consumer Privacy Act (CCPA).

As compliance with multiple privacy and data protection laws becomes ever more complicated and given that US data privacy legislation is coming soon – with the CCPA already passed and federal legislation likely – we wanted to gauge attitudes to this kind of data protection legislation in the United States.

Ebiquity and the Digital Analytics Association (DAA) have developed a series of recommendations to brands on the opportunities they have to use personal data privacy as and competitive advantage and to build a trusted relationship with their customers. Instead of simply paying lip service to be customer-centric, organizations have the chance to become genuinely more customer focused by giving consumers what they’ve been asking for - greater control of their personal data.

The status of GDPR compliance by U.S. organizations is an important bellwether of the work required for companies to achieve compliance, and the nature and extent of work undertaken to date indicates many organizations still have plenty to do.

Download your complimentary copy of our full report today to read more about what we found, along with our detailed recommendations for brands.