As the concern for data privacy grows, new data from Comparitech identified the best states for online privacy.
Comparitech released a report on Friday that identified which US states had the best approach to online privacy based on a range of criteria, including laws that govern how companies use and disclose data, as well as laws that protect journalists, children, and employees.
The report noted that Comparitech added new criteria to the privacy assessment in 2018. This included whether companies allowed customers to opt out of data sharing and whether companies deleted personal data upon request and disclosed what personal data was collected about a person.
SEE: Information security policy (Tech Pro Research)
Similarly, additional criteria dealing with warrants were added to the assessment. If warrants were required for law enforcement to access personal data, or to track someone's location via GPS or other technologies, they met the report's criteria.
Here are the best and worst states for online privacy, according to the report.
What pushed California to the top was its passing of the "toughest privacy and data protection law in the nation," according to the report. The state's Electronic Communications Privacy Act protects all of residents' cloud data, metadata, emails, text messages, and similar types of data. The report noted that though many states have passed laws that protect some of those forms of data, California was the only one to protect all, which gave the state a score of 75%.
According to the report, Delaware held the no. 1 spot in 2017. It has similar data privacy laws to California, including laws that address advertising to children and inconspicuous privacy policies. It scored 60%.
Utah is one of the two states that prevents internet service providers from sharing customer data to third parties without consent, the report noted. It also scored 60%.
Wyoming and Mississippi tied for the worst, both with a score of 20%. According to the report, Wyoming doesn't require companies to disclose when a breach of data occurs. Mississippi, the report noted, doesn't require companies to dispose of personal user data.
Following those states as the worst are South Dakota and Alabama, with a score of 25%. Both states also lack laws that require companies to inform customers of a data breach.
Check out the full list and findings here.
The big takeaways for tech leaders:
- According to reporting from Comparitech, California and Delaware have the best online privacy among US states.
- Wyoming and Mississippi ranked the worst, according to the report, because they lacked laws that require companies to inform customers of a data breach.
- Special report: Cybersecurity in an IoT and mobile world (free PDF) (TechRepublic)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- Facebook makes GDPR push with new data privacy settings (ZDNet)
- 5 data protection policies your employees must know in the post-GDPR era (TechRepublic)