Notifications & Messages

Jared Hamilton
From: Jared Hamilton
Hey - It’s time to join the thousands of other dealer professionals on DrivingSales. Create an account so you can get full access to the articles, discussions and people that are shaping the future of the automotive industry.
Erik Nachbahr, CISSP

Erik Nachbahr, CISSP President

Exclusive Blog Posts

Don't Be that GM

Don't Be that GM

The General Manager role isn’t an easy one, nor is it a role for the faint of heart. You need thick skin…. But that doesn't mean we don&rs…

Google Page Experience Update 

Google Page Experience Update 

Google Page Experience Update  While your car dealerships website generates many leads for you currently, things may soon change. Google cons…

How to Boost your SEO during Corona Times?

How to Boost your SEO during Corona Times?

Search engine optimization is a strategic process of utilizing online content, improving the user experience, and finally implementing technical aids …

Don't Get Caught On the Hamster Wheel With Marketing Fatigue

Don't Get Caught On the Hamster Wheel With Marketing Fatigue

Have you ever sat at your desk with your palm against your forehead, trying to put together the same old marketing you do month after month? You are not al…

Training Produces a Polished, Professional Service Advisor

Training Produces a Polished, Professional Service Advisor

Working at the service desk or being a customer who brings a vehicle in for maintenance, it’s evident when a service advisor doesn’t know w…

Federal Consumer Data Privacy Act in the Works

Do you think that compliance with the proposed FTC Safeguards Rule, the California Consumer Protection Act (CCPA) or New York’s SHIELD Act, puts an onerous burden on dealers? To put it mildly, you aint’ seen nothin’ yet.

Congress recently introduced The Online Privacy Act, new legislation that establishes a “privacy bill of rights” for consumers and is similar in language to Europe’s General Data Protection Regulation (GDPR).

The motivation behind the new bill is that data-collection and data-sharing industries make billions annually from selling Americans’ personal information and that privacy for online consumers is nearly non-existent.

The new law targets tech companies in particular, but applies to every business that collects, stores and sells consumers’ personal and identifiable information (PII). This includes auto dealerships.

If passed, The Online Privacy Act would be even tougher than California’s CCPA, which goes into effect in January 2020.

In a nutshell The Online Privacy Act would:

Create user rights

The bill grants every American the right to access, correct or delete their data. It also creates a right impermanence, which lets customers decide how long companies can keep their data.

Establish a Digital Privacy Agency (DPA)

Currently the Federal Trade Commission broadly regulates privacy, but only employs a few dozen people who are dedicated to enforcing violations. The Online Privacy Act establishes a new federal agency of 1,600 officials who would be empowered to issue new regulations and enforce the new privacy law. As written, the DPA would be about the same size as the Federal Communications Commission (FCC).

Define how companies may use, and not use, customer data

If this legislation is passed, auto dealerships will be required to be transparent about what they do with customers’ data. Auto dealers could not disclose, share or sell user data without receiving explicit consent from customers. The bill minimizes the amount of data companies collect, process and maintain, and bars companies from using data in discriminatory ways.

Additionally, The Online Privacy Act forbids the use of private communications like email, in order to target customers with ads.

If your dealership experiences a data breach that exposes your customers’ personal data, you would have 72 hours to alert both your customers and the DPA.

Strengthen enforcement

If your dealership violates any of the rules laid out in the Online Privacy Act, or any of the new regulations created by the DPA, you could be fined as much as $42,530 per incident. It would also allow state attorneys generals to bring civil actions and consumers to bring civil suits against your dealership for lack of compliance.

Whether The Online Privacy Act passes into law remains to be seen. Currently there is some debate over details like whether the bill should pre-empt states’ laws or whether individuals should be allowed to sue companies for violations.

However, the legislation has bipartisan support, and both democrats and Trump have stated they want a consumer data privacy law.

Greg Wells


This is a serious topic. Thanks for sharing. Hopefully the NADA and OEM's will educate all the dealers. This is way off the radar for many dealerships.

 Unlock all of the community & features  Join Now