The automobile industry has been racing full speed ahead in recent years on its quest for increased connectivity and automation, but it may soon find itself swept up in the wave of privacy and data security laws and regulations proliferating around the world.

California’s Consumer Privacy Act, set to go into effect on Jan. 1, is an illustrative example of how regulators are now viewing data privacy and cybersecurity, with its focuses on: (1) an expansive definition of “personal information”; (2) providing individuals with numerous data privacy rights akin to the European Union’s General Data Protection Regulation; and (3) having “reasonable” cybersecurity controls in place to prevent the unauthorized access to or acquisition of personal information or sensitive personal information.

Originally published in Law360 - December 16, 2019.