Attorney General. The Attorney General’s office then conducts a second review, and may either concur with the findings of the DCP or dismiss the consumer’s complaint as lacking merit. Although this might lead to a protracted review process, the existence of two levels within the UCPA’s enforcement mechanism might also lead to fewer complaints in which a violation is determined to have occurred. The UCPA does not create a private cause of action. The UCPA became effective December 31, 2023. Also, HB 418 the “Digital Choice Act” supplementing the UCPA, gives consumers the right to access and data portability of their personal data records and social media interactions from social media platforms. Massachusetts Massachusetts has widely been regarded as the gold standard for data security laws. Massachusetts requires any company that owns or licenses personal information from residents of the state to develop, implement, and maintain a comprehensive written policy that creates proper administrative, technical, and physical safeguards for consumer information. Massachusetts follows a “sliding scale” approach, allowing a smaller business with limited customer information to develop a policy that works to protect their data, but does not require costly investments in software or other technical safeguards. The regulations require encryption of any data relating to a Massachusetts resident transmitted across a public network, as well as encryption (not just password protection) of any customer data on a portable device. The State of Massachusetts makes available a “Compliance Checklist” that guides a business through the process of creating and implementing a comprehensive Written Information Security Program (WISP). Massachusetts data privacy laws and regulations require all persons that own or license personal information of Massachusetts residents to: [D]evelop, implement and maintain a comprehensive information security program that is written in one or more readily accessible
133
Made with FlippingBook - Online Brochure Maker