When it comes to privacy legislation, denial often comes before compliance.
When GDPR went into effect back in 2018, some companies in the US simply ignored it, opting to shut down or limit operations in the EU instead of adjusting their data privacy practices.
But with privacy legislation in California (CPRA), Colorado (CPA) and Virginia (VCDPA) set to go into effect in 2023, American businesses will have no choice but to accept and act.
How exactly does this trio build on the precedents that GDPR and CCPA have set? And what do companies need to do now to ensure compliance in 2023?