The Sunshine Shield: Florida’s Data Privacy Law
With privacy legislation sweeping the nation, Florida is right on the heels of states like Montana and Texas — as the latest to enact a comprehensive data privacy law.
The Florida Digital Bill of Rights (FDBR), was signed into law on June 6, 2023 and goes into effect July 1, 2024. Get up to speed on all the updated parameters and see what you can do to prepare ahead of time.
What is the Florida Digital Bill of Rights?
The FDBR recognizes the importance of an individual’s right to privacy. Thus, it provides for a number of consumer rights, including:
- Right to confirm whether a controller is processing the consumer’s personal data, and to access the personal data.
- Right to correct inaccuracies in the consumer’s personal data, taking into account the nature of the personal data and the purposes of the processing of the consumer’s personal data.
- Right to delete any and all personal data provided by or obtained about the consumer.
- Right to obtain a copy of the consumer’s personal data in a portable and, to the extent technically practicable, readily usable format if the data is available in a digital format.
- Right to opt out of the processing of the consumer’s personal data for purposes of: (a) targeted advertising; (b) the sale of personal data; or (c) profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer.
- Right to opt out of the collection of sensitive data, including precise geolocation data, or the processing of sensitive data.
- Right to opt out of the collection of personal data collected through the operation of a voice recognition or facial recognition feature.
Who does the FDBR apply to?
The scope of the FDBR applies to any sole proprietorship, partnership, limited liability company, corporation, association, or legal entity that conducts business in Florida, operates for profit, and meets the following requirements:
- Collects personal data about consumers, or are involved in the collection of such data
- Determines how and why personal data about consumers is processed, either alone or jointly with others
- Generates over $1 billion in global annual revenue
- Meets at least one of the following criteria:
- Earns 50% or more of their global annual revenue from online advertisements
- Provides a consumer smart speaker and voice command service with an integrated virtual assistant that connects to a cloud computing service via hands-free verbal activation
- Operates an app store or digital distribution platform with a minimum of 250,000 downloadable software applications for consumers
Some exemptions do apply for entities such as government, nonprofit organizations, higher education institutions, financial institutions subject to the Gramm-Leach-Bliley Act (GLBA), and “covered entities” under the Health Insurance Portability and Accountability Act (HIPAA).
Achieve FDBR Compliance with BigID
BigID helps organizations proactively prepare to achieve compliance for the Florida Digital Bill of Rights (FDBR) with its automated privacy management platform.
- Discover your data: BigID provides deep data discovery and classification, mapping data flows, and data lineage tracking to gain full visibility on personal information that is subject to FDBR regulations.
- Automate DSARs: BigID manages data subject requests, such as access, deletion, and correction requests, by automating the fulfillment process and providing a centralized dashboard for tracking and reporting.
- Data minimization and retention: BigID’s Data Retention App applies data minimization principles by identifying and categorizing unnecessary or excessive personal data. It assists in defining appropriate data retention periods and implementing policies to manage data retention and disposal.
- Assess risk with PIA assessments: BigID offers automated privacy impact assessments, data inventory reports, and remediation plans to identify risks to help organizations ensure compliance with FDBR.
- Data breach readiness and response: BigID’s Breach Data Investigation App assists organizations in data breach readiness and response. It helps detect and investigate data breaches, facilitating prompt incident response and notification to relevant authorities and affected data subjects.
To see how BigID can accelerate your FDBR compliance— schedule a 1:1 demo today.