New protections for consumers, such as the EU’s General Data Protection Regulation (GDPR)— which is celebrating its first anniversary, and the new California Consumer Privacy Act (CCPA), provide consumers with added protections to ensure their privacy and prevent issues related to data theft or misuse. They do this by defining what is meant by personally identifiable information (PII), establishing compliance standards for organizations to meet, and imposing severe penalties for organizations that fail to protect the PII of their customers.