Besides, nation-state borders are easily crossed online — passports are not needed. However, if people in the United Kingdom or Canada (or any other country) can interact or purchase products or services through your site, then your site must comply with UK and Canadian (or whichever countries) online privacy laws.
And guess what? Online privacy laws are a lot stricter in Europe and elsewhere.
(4) Access to Data;
(5) Transfer of Data.
Bear in mind that the previous five points are a bare minimum and do not fully guarantee that issues and problems won’t arise. Should problems arise, particularly in Arizona, and consumer data is breached you could face severe consequences. Here is an example of what the Arizona Revised Statutes say (Ariz. Rev. Stat. § 44-7501):
Arizona requires a person that owns or licenses computerized data that includes personal information to conduct an investigation when it becomes aware of unauthorized access to unencrypted personal information to determine if there has been a breach. If the investigation determines a breach has occurred, a person must notify the individuals affected. The disclosure is to be made without unreasonable delay, subject to law enforcement needs and internal investigations to restore the data integrity. Arizona further requires that a person that maintains computerized data that includes personal information that it does not own or license disclose any security breach to the owner or licensor immediately following the discovery.
Notice can be given (A) in writing, (B) by email, (C) by telephone or (D), in certain circumstances, by substitute notice that includes email, posting on the person’s website and notification by statewide media. Notification is not required if, after reasonable investigation, the person or law enforcement agency determines that a breach has not occurred or is not likely to occur. Personal information means a person’s first name or first initial and last name in combination with one or more of the following that is not encrypted or redacted: (A) social security number, (B) driver’s license number or identification card number, and (C) account number, credit card number, or debit card number in combination with security code, access codes or password. A person who complies with federal notification requirements or security breach rules, and a person who maintains notification procedures as part of an information security
To ensure your website is in compliance with state and federal regulations, contact us today!